Hoteliers and their customers are the target of cyberattacks targeting their interface with the booking platform Booking.com, alert Friday the employers’ association of the hotel and catering industry, the GNI, which invites the professional victims to disconnect from the site, to warn their customers and to file a complaint.
Since the end of December, cybercriminals have taken control of the interface of certain professionals with Booking.com, thanks to targeted phishing techniques and have sought to extort payment data from Internet users who have used the platform, alerts the GNI in an email. to its members.
These messages invite hoteliers to click on a link that contains a file infecting their PC with viruses that seize passwords allowing hackers to modify the “brand name, (the) contact details, rooms and prices” of establishments .
“We don’t know where the security breach comes from”
Hackers also pose as the hotel to its customers, making contact either via Booking.com messaging or via WhatsAppto invite them to click on a link and provide their bank details.
“We don’t know where the security breach comes from, from the hoteliers or from Booking, but the cybercriminal manages to enter the hotelier’s messaging system and recover the information,” Véronique Martin, director, told AFP. of the Europe and digital department at the GNI.
“Hoteliers must file a complaint and customers too, which will make it possible to assess the extent of these attacks,” she said, adding that she had “identified a dozen Parisian hoteliers targeted” by them. “But that is certainly only the tip of the iceberg. We must prevent it from spreading throughout France, or even in Europe, ”says Véronique Martin.
The GNI seized the cybermalveillance.gouv.fr platform and alerted the Fraud Repression and the Cnil on “the lack of support from Booking.com in this security breach”. Asked by AFP, the platform affirms that “the security breach does not come from Booking.com” and ensures that “the accounts concerned were quickly locked”, and that “the travelers potentially concerned had been informed. »