Hoteliers and their customers are being hit by cyber-attacks aimed at their interface with the Booking.com booking platform, the GNI, the hotel and restaurant employers’ union, warned on Friday, calling on affected professionals to log out of the site, warn their customers and file a complaint.
Since the end of December, cybercriminals have taken over some professionals’ interface with Booking.com using targeted phishing techniques, and are trying to extort payment data from Internet users who have used the platform, the GNI said in an email to its members.
These messages invite hoteliers to click on a link containing a file that infects their PC with viruses that steal passwords, allowing hackers to change the “brand name, contact details, rooms and prices” of the establishments.
The hackers even impersonate the hotel to its customers, contacting them via Booking.com messaging or via WhatsApp and inviting them to click on a link and provide their bank details.
“We don’t know where the security breach came from, hoteliers or Booking, but the cybercriminal managed to enter the hotelier’s mailbox and retrieve the information”, Véronique Martin, director of the GNI’s Europe and digital department, explained to AFP. “Hoteliers must file a complaint and customers too, which will allow us to assess the extent of these attacks”, she said, specifying that she had “identified a dozen targeted Parisian hoteliers”. “But this is certainly only the tip of the iceberg. We must prevent it from spreading to France, or even Europe”, believes Ms. Martin.
Parisian hotelier Fabienne Ardouin, who manages the France Albion and Helussi hotels, identified “23 cases of phishing customers, five of whom clicked on the link and provided their credit card information to hackers”, she told AFP. “I immediately cut off connectivity with the site: I no longer have rooms for sale on Booking.com, I’ve been losing turnover for a week”, says the hotelier, who chairs the GNI Digital Commission.
Once alerted, the platform remained silent, she continues: “My account executive just told me they were still looking.”
“Very well done scenarios”
The GNI has referred the matter to the cybermalveillance.gouv.fr platform and alerted the Fraud Repression and the CNIL to “the lack of support from Booking.com in this breach of security”.
For Gérôme Billois, IT security expert at Wavestone, “hacks like this on platforms are extremely common”, with an “increase in quality” of these: “Hackers get usernames and passwords using very well-crafted scenarios.”
He calls on platforms to “put procedures in place to react very quickly” in the event of a cyber-attack.
Questioned by AFP, the platform says that “the security flaw does not come from Booking.com” and gives assurances that “affected accounts were quickly blocked” and “potentially affected travelers had been notified.”