‘It looked so real’: Traveller falls prey to sophisticated Booking.com scam

The digital age has brought about many conveniences, especially in how we plan and book our travels.

However, with the increased ease of making online reservations, there also comes a heightened risk of scams targeting unsuspecting travellers.

Recently, the Australian Competition and Consumer Commission (ACCC) has reported a worrying surge in scam activities, specifically those referencing the popular accommodation site Booking.com, leading Australians to lose substantial sums of money.



In 2023, over $337,000 was lost by Australians to scams mentioning Booking.com, which is a staggering jump and a nearly 600 per cent increase from 2022, according to the ACCC.

The ACCC's Scamwatch program received 363 complaints, a figure that can't be ignored and indicates a clear trend.


Screenshot 2024-02-01 at 10.36.05 AM.png
An example of a scam message through Booking.com Credit: ABC News


One of the latest victims of the Booking.com scam is Robyn, a Queensland resident.

She said she received a message through Booking.com, seemingly from a hotel in Istanbul, Türkiye, where she had a booking.

The message claimed her booking would be cancelled unless she confirmed her payment details. The link provided led her to a site that looked identical to Booking.com, complete with her trip details and costs.

'It was very legitimate looking, it was so good,' Robyn said.

'It was very confusing and so convoluted…It all looked so real.'



After providing her credit card details, she was told her card couldn't be used due to 'security purposes'.

When she entered the details of a second card, she was asked to make a bank transfer.

This raised her suspicions, and she messaged the hotel through Booking.com, not realising that cybercriminals were controlling the messages.

‘I had a conversation with people that I thought were in the hotel,’ she recounted.

‘I got very angry, and they then became very aggressive with me.’

Then, a legitimate representative from the hotel eventually called her directly.

'The hotel said that their system through Booking.com had been basically hijacked,' she said.

'They could see me talking to people, but it wasn't them…They said they couldn't get into the system to tell me to stop talking to them.’



Within an hour of her credit card details being stolen, her bank contacted her about a suspicious transaction on her account—a hotel booking in Budapest, Hungary, made through Booking.com.

When she contacted the Budapest hotel, Robyn was told the venue had already cancelled the booking because a man with a French accent, a Portuguese name, and an English address made it.

In total, Robyn's cards were used for accommodation bookings totalling around $25,000. Fortunately, her bank later returned the funds.

When Robyn contacted Booking.com about the fraud, she found the company's customer service team to be 'uninterested'.

'I said, “Your system has been hacked…I was talking to these people through your system.” And they were just really unhelpful and didn't care,' she said.

Unfortunately, Robyn wasn’t the only one who got scammed through Booking.com

Last year, several customers of the site voiced complaints regarding fraudulent emails from [email protected], threatening cancellation of the customers’ stay unless they confirmed their bank details through an embedded link.

There was also an intricate phishing scam from a travel website where unknown hackers swooped in to steal unsuspecting customers’ credit card details.


hooded-computer-hacker-stealing-information-with-laptop.jpg
Robyn said the Booking.com scam message ‘looked so real’. Credit: Freepik


Booking.com acknowledged that some of its accommodation partners had been targeted by phishing emails 'sent by professional criminals, with the intent of taking over their local computer systems with malware'.

‘In some cases, this has led to unauthorised access of their Booking.com account, which enables these fraudsters to temporarily impersonate the accommodation and communicate with guests via email or messages,’ a spokesperson said.

‘It's important to highlight that Booking.com's back-end systems and infrastructure have not been breached, and the number of accommodations impacted are a small fraction of those on our platform.’

The statement continued: ‘At the same time, we understand the importance of keeping the data we are entrusted with secure. That's why we continue to make significant investments to limit the impact and have put new measures and alerts in place to update and protect our customers, as well as our accommodation partners.’

The company then advised customers to report suspicious messages to its customer service team, check the payment policy associated with their booking, and be careful not to share their credit card details over email, text message or instant messaging platforms.

Booking.com, which has its headquarters in Amsterdam, said that it had more than 2.7 million properties and more than 400,000 hotels, motels, and resorts on its website by the end of 2022.



The ACCC advised Booking.com users to protect themselves from phishing scams by independently verifying any emails or messages they receive which include a link or ask for personal or banking information.

This usually involves contacting the accommodation provider directly using a phone number from their official website—and not one provided in an email or Booking.com message.

'Be aware that Booking.com customer service representatives won't ask you to provide your account password or financial information such as a credit card over the phone,' the ACCC said.

Booking.com also shared with its accommodation providers—which use its property management platform Extranet—that provider accounts ‘can be a tempting target for cybercriminals and fraudsters’, as they contain a ‘large amount of guest data, including names, addresses, credit card details, and phone numbers’.

‘Fraudsters may attempt to mimic our emails in order to phish your username and password for the purposes of taking over your account,’ Booking.com said

‘These phishing emails can lead to a webpage that looks very similar to the Booking.com Extranet login page—but if you look at the URL address bar, you'll notice differences.’



Booking.com said it disables properties to include links in messages to guests if suspicious activity is detected on their account.

Robyn's experience serves as a cautionary tale for all online users.

'Would I get caught like that again? No,' she said.

'Have I booked through Booking.com again? No.'

Tip
If you or someone else was scammed, notify your bank immediately. You can also report the scam to Scamwatch here.

You can also head over to our Scam Watch forum to stay updated with the latest tricks scammers use to deceive people out of their money and sensitive details.
Key Takeaways

  • Scam reports mentioning Booking.com have experienced a significant surge in 2023, leading to substantial financial losses for Australians.
  • Victims of Booking.com scams, such as Queensland resident Robyn, have encountered sophisticated phishing attempts that mimic legitimate communications from accommodation providers.
  • Booking.com asserts that its back-end systems have not been breached but acknowledges that a number of its accommodation partners have been affected by phishing attacks that enable scammers to impersonate them.
  • The ACCC advises Booking.com users and accommodation providers to be vigilant and independently verify any communications requesting personal or banking information as part of measures to protect themselves from phishing scams.
Have you ever encountered a similar situation, members? Share your experiences and tips in the comments below.
 
Last edited:
  • Haha
  • Like
Reactions: Petra and Ezzy
Sponsored
Once again if anyone clicks on any of these links on these emails then:
I HAVE NO SYMPATHY WHATSOEVER FOR THEM
THEY DESERVE TO LOSE EVERY CENT THEY HAVE!

Avoiding a scam is so damn simple.
Sadly it’s the SIMPLE people getting caught.

How many times do people have to be told?
If you get any message from any of these supposed organisations stating there is an issue with payments or anything for that matter SIMPLY close the message and contact that organisation direct either by phone or using the known app with your login and password!

As I have said so many many times before, if you are stupid enough to click on any link on any of these messages then you are a fool! And A FOOL AND THEIR MONEY ARE EASILY PARTED!
 
If you get an email about something like this, or anything!, RING THEM don't deal with people thru emails!!!! Ring them where you can be sure you are speaking to the right people!!
 
  • Like
Reactions: Angela Cockburn
Just yesterday I received a similar message from Booking.com. I agree that it looked very authentic, but I smelled a rat because of 3 emails in short succession, a very slight spelling error and insistence on replying immediately. The body of the information though even had a booking ID etc. I contacted the hotel and was told they had had several calls that morning from other guests. They were now going to contact all guests with bookings for at least a month ahead to warn them. Such a waste of everyone’s time!!
 
  • Like
Reactions: Angela Cockburn
An easy way to avoid scams on Booking.com is not to use them.👍

They're nothing special. Just book directly with the hotel you want to stay at. Will always be cheaper and you get your choice of room and possibly some perks?

I've recently booked a hotel in Canberra. Their website and others came up when booking, so I looked for the hotel's own website and booked directly through that with no hassle.
 
  • Like
Reactions: mylittletibbies
Once again if anyone clicks on any of these links on these emails then:
I HAVE NO SYMPATHY WHATSOEVER FOR THEM
THEY DESERVE TO LOSE EVERY CENT THEY HAVE!

Avoiding a scam is so damn simple.
Sadly it’s the SIMPLE people getting caught.

How many times do people have to be told?
If you get any message from any of these supposed organisations stating there is an issue with payments or anything for that matter SIMPLY close the message and contact that organisation direct either by phone or using the known app with your login and password!

As I have said so many many times before, if you are stupid enough to click on any link on any of these messages then you are a fool! And A FOOL AND THEIR MONEY ARE EASILY PARTED!
What a nasty piece of work you are, I got caught with this scam, and I am always extremely careful. I went into my booking.com anccount not through the email and the msg was on that account, I was able to speak to someone in this account, it is in fact a booking.com account that has been hacked. I hope you never get caught out
 
An easy way to avoid scams on Booking.com is not to use them.👍

They're nothing special. Just book directly with the hotel you want to stay at. Will always be cheaper and you get your choice of room and possibly some perks?

I've recently booked a hotel in Canberra. Their website and others came up when booking, so I looked for the hotel's own website and booked directly through that with no hassle.
As a regular Bookings.com user I save 10% on every booking. I have never been able to get a better price booking direct. I can still request a certain room or anything else I may want. Book cab, hire car etc. Different accommodation offer different perks on arrival.
Am also sent details of all attractions in the area I'm visiting.
Can't do any of that booking hotel direct.
 
  • Like
Reactions: SiggyC
What a nasty piece of work you are, I got caught with this scam, and I am always extremely careful. I went into my booking.com anccount not through the email and the msg was on that account, I was able to speak to someone in this account, it is in fact a booking.com account that has been hacked. I hope you never get caught out
Well said, we are all vulnerable no matter how careful we are.
 
Well said, we are all vulnerable no matter how careful we are.
Can anybody explain to me that if their website has been hacked, how come everybody using their site hasn't been scammed.
I have never had a problem. In saying that I never clink in any links, no matter who sends them and always look up phone numbers myself before ringing anyone.
Paranoid maybe,but you can't be too careful
 
What a nasty piece of work you are, I got caught with this scam, and I am always extremely careful. I went into my booking.com anccount not through the email and the msg was on that account, I was able to speak to someone in this account, it is in fact a booking.com account that has been hacked. I hope you never get caught out
i agree with Diane.
 
What a nasty piece of work you are, I got caught with this scam, and I am always extremely careful. I went into my booking.com anccount not through the email and the msg was on that account, I was able to speak to someone in this account, it is in fact a booking.com account that has been hacked. I hope you never get caught out
You are entitled to your opinion.
Not nasty, just sick of people shin when they get caught due to their own stupidity.
Regularly is Booking.com logging in with my details and never had a problem!
 
  • Like
Reactions: mylittletibbies
Can anybody explain to me that if their website has been hacked, how come everybody using their site hasn't been scammed.
I have never had a problem. In saying that I never clink in any links, no matter who sends them and always look up phone numbers myself before ringing anyone.
Paranoid maybe,but you can't be too careful
Totally agree!
 
Try to avoid using Booking.com wherever possible. One night I booked The Fullerton Hotel in Sydney with Booking.com because of a serious shortage of accommodation in Sydney. Within 2 minutes of this booking another room (@$700/night) became available in the Rydges Airport Hotel. It had been paid for and I was asked to cancel the Fullerton Hotel. No refund even though the site stated free cancellation. Booking.com were totally unhelpful , something I will never forget. And the Hotel washed their hands of it as well. Probably foreign owned. Leaves a bad taste in your mouth
 
The message stinks of SCAM from the first sentence to the last. Nothing realistic about it. The added link, 24 time limit, use your mastercard are all giveaways.
 

Join the conversation

News, deals, games, and bargains for Aussies over 60. From everyday expenses like groceries and eating out, to electronics, fashion and travel, the club is all about helping you make your money go further.

Seniors Discount Club

The SDC searches for the best deals, discounts, and bargains for Aussies over 60. From everyday expenses like groceries and eating out, to electronics, fashion and travel, the club is all about helping you make your money go further.
  1. New members
  2. Jokes & fun
  3. Photography
  4. Nostalgia / Yesterday's Australia
  5. Food and Lifestyle
  6. Money Saving Hacks
  7. Offtopic / Everything else

Latest Articles

  • We believe that retirement should be a time to relax and enjoy life, not worry about money. That's why we're here to help our members make the most of their retirement years. If you're over 60 and looking for ways to save money, connect with others, and have a laugh, we’d love to have you aboard.
  • Advertise with us

User Menu

Enjoyed Reading our Story?

  • Share this forum to your loved ones.
Change Weather Postcode×
Change Petrol Postcode×