Normally I’m immune to all the phishing stuff that reaches you by mail every day. But how would you react if you made a booking via Booking.com, it was also confirmed and a week later via the app and also on the website in the communication there is an obvious phishing attempt, but you recognize it as such only at second glance? Once again, the message came not by mail, but directly via the app and you can also find the content in the message history with the hotel on the website. Of course, I first called the hotel why I should verify my credit card again and the colleague at the desk said I was already the second in the last 10 minutes. She also didn’t know what to do now. I do and I also explained it to her long and wide.
I tried to reach Booking.com, but there is not even a German support hotline. Only chatbots and contact forms. Of course, I also reported it in writing, but it came: nothing. It has happened to me at Booking.com several times that some system messages came in English, although one is logged in as a German customer, so it didn’t trigger me further, but I found it funny. I have here first of all the complete message history from the Booking.com website. And please pay attention to the content because you have to be suspicious 😀
The reaction of the hotel came after an hour, after I had experimented a little with the site. The link sent via the Booking.com platform led to a page whose domain in the URL was registered via Gibraltar and which was based on the GoDaddy web building kit system. I have informed Booking.com, the hotel as well as GoDaddy in writing and at least GoDaddy has reacted and taken the page offline in the meantime.
However, I have two questions that neither Booking.com nor the hotel wanted to answer:
- How does a scammer get hold of my internal booking data at Booking.com, i.e. from the travel date and address to the price? That only the IT infrastructure of Best Western was infiltrated is rather unlikely, but certainly not excluded. Only who does so much work for only one hotel or chain? Also, this page showed the correct price from Booking.com at the time of sending, but not my individual and discounted amount? That’s why I rather guess the booking portal as a direct sender.
- How is it even possible that a scammer can send messages directly to customers via the platform in the name of the hotel? There is probably a gap in the security concept that is at least as big and deep as Lake Constance. Anyone who reads this with the app, as preferred by Booking.com, will also not see any further URLs and, with a bit of bad luck, will unfortunately trust the provider blindly. Which was probably the intention.
After all, the verification query is a sure sign that no credit card data was stolen at Booking.com, otherwise the effort would not have been necessary. However, the handling, also in the communication with the customer, raises a lot of questions about the seriousness of the parties involved and a bad light on their IT. And who is actually liable for any financial losses?
And what do you do if you do click?
I spoke with my credit card company yesterday and the legal situation is quite tricky. The hurdle to reverse any unauthorized bookings or to get a replacement is quite high, because the customer is unfortunately in the burden of proof. So it’s better to block the card in question as a preventive measure. One tip that I have been following for years is to have all debits from abroad verified, regardless of the amount. Then nothing works at all without explicit approval via the banking app. If the credit card company does not offer this: change.
In general, you should take screenshots or better not react directly at all, but at least contact the hotel or the organizer first. Booking.com is a dumb juggernaut that unfortunately does not react immediately. You are always unlucky if there is someone on the other end of the phone who is completely overwhelmed with such problems. Then, as a customer, you have to raise the escalation level, which, as you know, I like to do. The bottom line is that I certainly got away with it once again, but who doesn’t quickly click through such prompts when the travel date is close and such correspondences come directly from the provider in an official app?
Unfortunately, no one wants to say exactly where the gap is now, and how high the potential damage is, unfortunately, also not. But maybe someone else will find out who has had more luck collecting information than I have. Then there is an update.
40 Antworten
Kommentar
Lade neue Kommentare
Veteran
Urgestein
1
1
Mitglied
Veteran
Veteran
Mitglied
Neuling
Urgestein
Veteran
Veteran
Urgestein
Urgestein
Veteran
Urgestein
Veteran
Urgestein
Veteran
Alle Kommentare lesen unter igor´sLAB Community →