Patrons of Hotel.com Become Victims of Phishing Scam

Threatpost.com published news on 24th June, 2015 stating that an undisclosed number of travelers using Hotels.com, a website for booking hotel rooms both online and by phone, might have been targets of a phishing email scam after some patrons were off late fooled into divulging their names, email addresses, phone numbers and travel bookings.

According to a notification sent to travelers, a person was apparently capable to convince patrons that they represented either Hotels.com or the inns where they reserved a room through deceptive emails and SMSs.

The notification which emphasizes that data of credit card was not hijacked in the incident, instructs customers to exercise caution while clicking on URLs and transferring money to bank accounts enlisted in deceptive emails from the unknown individual.

It is not clear how the individual collected personal information of the user to send out phishing emails in the first place. Expedia, parent company of travel booking service and Hotels.com, did not give further detail and did not answer a particular question about how the attacker gained access to contact and booking information of users.

Threatpost.com published news on 24th June, 2015 quoting Ingrid Belobradic, Consumer and Corporate PR Manager of Expedia as saying: "We have probed this phishing instance meticulously and affected patrons are being or already have been informed about this and accordingly they have been told about the suitable actions they may require taking."

Expedia claimed that it works constantly to improve the security of its service.

Bobsullivan.net published another statement on 24th June, 2015 quoting Belobradic as saying "To enhance security measure, we have applied a multi-level authentication process in collaboration with our hotel partners and have distributed several education mechanisms to our partners to enable them to understand the sensitivity and importance of these kind of fraudulent activities. Our security team constantly works to address situations like this and always focused to ensure that our sites remain secured as much as possible."

Moreover, Hotels.com is not the only online room booking website which has been attacked by cybercrooks because Booking.com is another online service used for booking which is also favorite of scammers.

» SPAMfighter News - 7/2/2015