The fraud begins with messages that customers receive on the official Booking platform itself or via WhatsApp. The criminals allege payment issues or an urgent security verification to force the customer to pay for the reservation immediately.
To achieve the necessary credibility, the fraudulent messages contain references to the actual reservation, such as the hotel name, dates, or identifier. The Cybersecurity Agency of Catalonia (ACC) explains that the scammers obtained this data by stealing the credentials of the accommodations on the platform.
The messages usually have an urgent tone, as the usual threat is the loss of the reservation or the application of a temporary charge.
The ACC urges users to distrust any message requesting personal or banking data urgently. They recommend not clicking on suspicious links and always contacting the accommodation directly through its official channels to verify or resolve any issues.
