Real Hotel Booking Info Used in Holiday Phish

  • 1 Replies
  • 338 Views
*

Offline Bugbatter

  • Microsoft® MVP
  • Administrator
  • Diamond Member
  • 10660
Real Hotel Booking Info Used in Holiday Phish
« on: August 04, 2014, 01:05:15 PM »
We'll probably move this to Phishing, Fraud and Spam Reporting later, but it is so interesting that I thought I'd post it in Current News for a while.
-----------------------------------------------------------------------

Real Hotel Booking Info Used in Holiday Phish


There’s a curious tale over at The Register where a couple ready to go on holiday had a very convincing email sent their way in relation to a hotel booking.

How convincing? Well, it contained all of their genuine hotel booking information for starters – and claimed to be sent from Booking.com, which happens to be the company they booked their stay through. The information included:

* Correct reservation dates
* Correct hotel name
* Personal information such as name, home address
* Correct invoice amount

The email didn’t stop there – it also asked for payment information (CVV number) and asked for a payment to be wired to what appears to be a bank in Poland (despite the hotel being in Spain).

Read on:
http://blog.malwarebytes.org/fraud-scam/2014/08/real-hotel-booking-info-used-in-holiday-phish/


Microsoft MVP Consumer Security 2006-2016
Microsoft Windows Insider MVP 2016-

*

Offline Bear

  • Malware Removal Mentors
  • Global Moderator
  • Gold Member
  • 2830
Re: Real Hotel Booking Info Used in Holiday Phish
« Reply #1 on: August 04, 2014, 06:18:36 PM »
Looks like booking.com has been compromised.  A packet sniffer would be too random to get that kind of info.
Never interrupt your enemy when he is making a mistake.
- Napoleon Bonaparte