Booking.com has been breached and the outcomes are shocking.

Hey MCK’s, Today we will talk about a shocking hotel scam and wonder for our safety in the internet world. Like any other typical scam hackers are pretending to be the staff and demanding money and these hackers went to an extreme by posting adverts on dark web forums asking for potential victims and they are offering up to $2000 for login details of hotels.

Like any other e-commerce website booking.com is known for its customer integrity but since at least last March customers have been tricked into sending money to cyber-criminals. To those of you who don’t know about booking.com, it is one of the largest websites for holidaymakers, but customers from the UK, Indonesia, Singapore, Greece, Italy, Portugal, the US, and the Netherlands have complained online about being victims of fraud through the website. Cyber-security experts say Booking.com itself has not been hacked, but criminals have devised ways to get into the administration portals of individual hotels that use the service.

Well, the researchers found the way that hackers used to access the administration portal. Like a normal customer, the hacker sends a mail saying that he left his passport in the hotel room and they provide a link that contains the passport e-copy when the hotel staff opens the link it will automatically download a malicious software tool called Vidar Infostealer. Then the hackers log into the Booking.com portal allowing them to see all customers who currently have room or holiday reservations. The hackers then message customers from the official app and are able to trick people into paying money to them instead of the hotel.

Lucy Buckley was contacted through the Booking.com app in September by hackers using broken English, who convinced her to send them £200. She says they pretended to staff at the Paris hotel where she had booked a room, saying that she must pay the money or her reservation would be lost. After she sent the money, the real hotel staff informed her they had no knowledge of the payment. Acting quickly, she managed to get a refund from her bank, which revealed her money had been sent to an account in Moldova. A Booking.com spokesman said: “While this breach was not on Booking.com, we understand the seriousness for those impacted, which is why our teams work diligently to support our partners in securing their systems as quickly as possible and helping any potentially impacted customers accordingly, including with recovering any lost funds.”

Cyber-security expert and podcaster Graham Cluley was also nearly tricked into sending money to hackers. He says Booking.com hotels should implement multi-factor authentication to make it harder for criminals to log in illegally. To those who don’t know Graham Cluley, he is a British security blogger and the author of grahamcluley.com, a daily blog on the latest computer security news, opinion, and advice. Now imagine a person like Graham Cluley can also be scammed what is the position of normal people like us? So kindly be aware of whom you are talking with and stay safe, this is Siddarda Gowtham Jagabathina From Marvelous Cyber Knight Saying Don’t Get Scammed.