If you work in cordial reception and ascertain an email in your inbox from Booking.com claiming to be an angry node , then keep an eye on out — it may well be part of a phishing scam . Microsoft has warn that a phishing campaign has been afoot transport fake emails from Booking.com which head users to download malicious software package .

In ablog postabout the issue , Microsoft Threat Intelligence write that this is an on-going campaign which has been around since December last year , and expend a societal engineering proficiency call ClickFix . The victim receives an email which appear to come from Booking.com and which can vary widely in its content — from invitee complaints to postulation for information from potential guests to account verification — and which includes a link ( or attaches a PDF with a nexus ) that claims to take the exploiter to Booking.com to deal with the issue .

When users select the connexion , they see a screen which appear to be a CAPTCHA overlay over a Booking.com page , but the CAPTCHA really instructs the user to afford up Windows Run and copy and past a command which downloads malware onto their scheme .

Once establish , the malware can slip financial data and credentials , a technique which Microsoft identify as in argument with a previous phishing run by a group it calls Storm-1865 .

Phishing scamsare unfortunately not strange today , however this is a fairly sophisticated interlingual rendition which takes advantage of cordial reception worker ’ worries about invitee satisfaction . To protect yourself from this and other phishing attempts , Microsoft suggest users to tick the transmitter ’s savoir-faire on a email , to be wary of subject matter about urgent threat , and to vibrate over links to see the full uniform resource locator before clicking on them . When in doubt , go directly to the service provider — in this fount , by croak flat to Booking.com — rather than clicking on a link .

Update 03/14/25 :

Booking.com provided the following affirmation :

“ Unfortunately , phishing attacks by reprehensible organizations set a pregnant terror to many industries . While we can affirm that Booking.com ’s system have not been breached , we are aware that unfortunately some of our accommodation pardner and client have been impact by phishing attack sent by professional malefactor , with the criminal aim of take over their local computer organization with malware .

“ The literal numbers of fitting affected by this cozenage are a small fraction of those on our platform and we continue to make significant investments to limit the encroachment on our customers and partners .

“ We are also committed to proactively help our accommodation partner and client to abide protect . We also allow for on-going cybersecurity education and imagination to our partners to raise their defenses against such terror .

“ Should a client have any concern about a defrayal substance , we require them to cautiously check the defrayal policy inside information on their reservation substantiation to be indisputable that the message is lawful . Customers are also advance to report any suspicious messages to our 24/7 client service squad or by clicking on ‘ report an issue ’ which is included in the confab function .

“ It is authoritative to take note that we would never ask a client to share defrayal information via electronic mail , chaffer content , text messages , or telephone set . We urge our client and partners to remain vigilant . If you encounter any communicating that seems mistrustful or requests sensible information through unofficial channels , please do not enlist . Report it straight off to our customer service team through prescribed Booking.com channels . OurTrust and Safety Resource Centeroffers extra guidance on realise and avoiding phishing attempts . ”