Summary

  • A report by Microsoft Threat Intelligence has warned that an active phishing campaign is targeting Booking.com and hospitality organisations worldwide.
  • The scam, which uses a technique known as ClickFix, displays fake error messages that trick users into running commands that download malware.
  • Potential victims are directed to a fake CAPTCHA page which instructs them to open a Windows Run window and input a command, which downloads the malware.
  • This allows the malware to bypass security software and steal financial data as well as other credentials.
  • The campaign is especially risky as it actively targets those making travel bookings while travelling, a scenario where users are more likely to be distracted or in a hurry and therefore less likely to fully scrutinise dubious emails.
  • Users are advised not to click on any links in an email and instead to go straight to the official site to resolve any issues.

By Yadullah Abidi
