French hoteliers and their customers are being hit by cyberattacks aimed at their interface with the Booking.com reservation platform, the GNI, the hotel and catering employers’ union, warned on Friday.
The GNI urges affected professionals to disconnect from the site, notify their customers and file a complaint.
Since the end of December, cybercriminals have used targeted phishing to take control of certain professionals’ Booking.com interface and have sought to extort payment data from Internet users who have used the platform, the GNI warned in an email to its members.
These messages invite hoteliers to click on a link containing a file that infects their PC with viruses; the viruses capture passwords, allowing hackers to modify the ‘brand name, (the) contact details, rooms and prices’ of establishments.
Via email
The hackers also pose as the hotel to its customers, making contact either via Booking.com messaging or via WhatsApp, to invite them to click on a link and provide their bank details.
“We don’t know where the security breach comes from, from the hoteliers or from Booking, but the cybercriminal manages to enter the hotelier’s messaging service and recover the information,” Véronique Martin, director of the Europe and digital department at the GNI, told AFP.
“Hoteliers must file a complaint and customers too, which will make it possible to assess the extent of these attacks,” she said, adding that she had “identified a dozen Parisian hoteliers targeted” by them. “But that’s definitely only the tip of the iceberg. We must prevent it from spreading throughout France, or even in Europe,” said Ms. Martin.
Phishing cases
Parisian hotelier Fabienne Ardouin, who manages the France Albion and Helussi hotels, identified ‘23 cases of phishing from customers, five of whom clicked on the link and gave their credit card information to hackers’, she told AFP.
“I immediately cut off my connectivity with the site: I no longer have rooms for sale on Booking.com, I have been losing turnover for a week”, says the hotelier who chairs the Digital Commission of the GNI.
Alerted, the platform remained silent, she continues: ‘My account manager has just told me that they were still looking’.
The GNI referred the matter to the cybermalveillance.gouv.fr platform and alerted the fraud control authority (Répression des fraudes) and the CNIL to ‘the lack of support from Booking.com in this security breach’.
‘Don’t go to Booking.com’
For Gérôme Billois, cybersecurity expert from Wavestone, “hacks of this kind on platforms are extremely common”, with an “increase in quality”: “hackers manage to obtain the identifiers and passwords using very well-made scenarios.”
He calls on the platforms to “put in place procedures to react very quickly” in the event of a cyberattack.
Asked by AFP, the platform claims that ‘the security breach does not come from Booking.com’ and assures that ‘the accounts concerned were quickly locked’, and that ‘the potentially affected travelers had been informed.’
/ATS