Booking.com “Internal Messaging” PhishingTarget: Travelers and Hospitality Partners WorldwideThreat Level: Critical (Authorized Account Access & Financial Fraud)Phishing Method DescriptionThis is a Multi-Stage Attack that exploits a chain of trust. Unlike typical phishing, the fraudulent message arrives directly within the official Booking.com app or your reservation chat.Phase 1 (The Initial Breach): Attackers first compromise a hotel’s …
Category Archives: Booking.com phishing pages
Booking.com phishing site detected
Booking.com Partner Phishing – Full Credential & 2FA Code Theft This phishing campaign impersonates Booking.com’s partner portal (the extranet used by property owners and managers). The scam uses a multi-page flow designed to capture the victim’s username, password, and two-factor authentication (2FA) codes in real time, allowing attackers to bypass security measures and take over …