At the end of last year, online travel agent Booking.com admitted that it had to compensate customers whose personal details and booking information had been stolen. Although this information did not contain financial details and the type of information was not enough for direct fraud to occur, it did give scammers a foot in the door.
Armed with only the name, email address, and basic booking information such as the booking reference number, fraudsters were able to target customers with emails demanding pre-payment. This kind of phishing scam is not new, but proved disturbing and has effected around 10,000 Booking.com customers.
The cause of this data leak is unclear, and no party has yet claimed responsibility for this issue. However, Booking.com has since made changes to lock down their systems.
All online systems are only as safe as their weakest link. Bookability.io takes security extremely seriously and all our systems are frequently probed for potential security issues. Unfortunately in cases such as this, directly targeting customers is still the easiest method for fraudsters to make a quick buck. Awareness and vigilance are still key in preventing any case of email phishing, and you can find out how to combat phishing at Trend Micro.