Tube4vids logo

Your daily adult tube feed all in one place!

We've fallen victim to Booking.com scammers: Holidaymakers lose up to £1,200 and are forced to cancel well-earned rests after being fleeced by phishing fraudsters - as customers demand crackdown on 'appalling' con

PUBLISHED
UPDATED
VIEWS

Holidaymakers have slammed Booking.com accusing the platform of failing to crack down on 'appalling' scammers who have tricked customers on its official app.

MailOnline has been contacted by dozens of people targeted by cybercriminals, with some forced to cancel their holidays due to the cost and stress of resolving the issue.

Posing as hotels who they have reserved rooms with, the scammers trick travellers into handing over their bank details by claiming they need to pay straight away or face losing their booking. 

One family had to cancel their dream holiday to Thailand after they were scammed out of £465 by fraudsters and left unable to get a refund from Booking.com, the hotel or their bank.

Another victim had nearly £1,200 pilfered from her account by scammers after tricking her into thinking she was interacting with a hotel she had made a booking at.

Booking.com told MailOnline that its systems 'have not been breached' but some of their accommodation partners have been targeted by 'very convincing and sophisticated phishing tactics'. 

Have you been targeted by this scam? Email [email protected] 

Kira Smith (pictured) had £700 taken from her bank account by scammers pretending to be staff at a hotel she had reserved a room at through Booking.com

Kira Smith (pictured) had £700 taken from her bank account by scammers pretending to be staff at a hotel she had reserved a room at through Booking.com

Kerry Wilde had nearly £1,200 taken from her account by the scammers after being messaged through the Booking.com messaging service

Kerry Wilde had nearly £1,200 taken from her account by the scammers after being messaged through the Booking.com messaging service

When contacted by concerned customers about the scam, Booking.com claims that the issue is not with its site, but with hotels that have been tricked by scammers into allowing them access to their accounts.

However, that will be scant consolation to those who have they holiday plans impacted by the scam, which includes people attempting to stay in Britain for shorter breaks.

Kerry Wilde, 57, from London, was targeted after she booked a one night stay in Whitstable.

The overnight booking, which was meant to be a gift for her daughter and partner, ended up turning into a nightmare after they took £1,200 from Kerry's account.

Kerry claims she received a message from within the Booking.com site messaging system to say she needed to pay the rest of her booking fee or face losing the reservation.

'As the message was sent within Booking.com it didn't cross my mind that it could be a scam,' she told MailOnline. 

'The message was within the message thread that I already had for the booking so I went ahead with the payment. 

'I received the message just prior to an important appointment so that added to the "must do now" urgency of the situation. 

'The payment buffered so after the appointment I tried again and the buffering happened again. 

'So I then messaged the owners of the property asking them if the payment had gone through and queried that I had thought that payment was due several weeks later. 

'They replied that they hadn't changed the payment date or requested payment so alarm bells rang loud!'

Kerry immediately went onto her online banking and saw that four transactions worth £1,200 had gone through in the space of just 10 minutes.

After ringing her bank's fraud department they agreed the transactions were fraudulent and agreed to return the money. 

Kira Smith says the cruel scammers told her 'thanks for the money' after she said she couldn't transfer any more to them

Kira Smith says the cruel scammers told her 'thanks for the money' after she said she couldn't transfer any more to them

Kira says she was left 'sick' after realising she had been scammed to the tune of £700 on the app

Kira says she was left 'sick' after realising she had been scammed to the tune of £700 on the app

'My card was cancelled and re issued which took over a week,so again that caused more inconvenience,' she said. 

'I rang Booking.com customer service to report the fraud and said that as it had occurred within their app it left me with no sense of security to use the app again. 

'They said that they had never had another incident and that it would be investigated by them. I have never heard a word from them since. 

'I cancelled my booking because I didn't want to use my new card within the app to pay for the rest of the booking in case the scammers could access the details.

'I was furious with the incident and all the inconvenience it caused.'

Kira Smith, from Newport in South Wales, fell victim when the fraudsters impersonated her hotel in Singapore ahead of her stay in January.

'I got a message through the Booking.com in-app messaging system saying they needed some card details to confirm my identity to stop fraud,' she said.

'I did think it was a little odd but it came through the app so I thought it was fine. 

'There was a link in the message which took me to a payment portal. It wasn't working but I ended up live web chatting with who I thought was the hotel

After taking £700 from her account, the scammers told Kira, 38, the transaction had failed and she needed to do it again. 

However, she told them she couldn't as she didn't have another £700 to send, sparking a cruel retort from the criminals. 

'That's when they said "thanks for the money" then promptly disappeared. The link no longer worked. 

'I was horrified. I'm always so careful. It wasn't just that they taken the money, but it was how it made me feel.'

Kira, who ended up going on her trip to Singapore as part of a larger journey to New Zealand with her partner over Christmas, said she has been left 'sick' following the scam.

'I contacted Booking.com straight away who said they'd look into it,' she said. 

'I received a message from the hotel which basically said to be aware of scammers and that was the last thing I heard from either of them. I tried messaging but no one ever responded. 

'They wouldn't refund me. I felt sick. I've been using Booking.com for years and was so disappointed and how I was treated. They just didn't care.'

An example of a message sent by suspected scammers through Booking.com while pretending to work at a hotel

An example of a message sent by suspected scammers through Booking.com while pretending to work at a hotel

Another example of a message suspected to have been sent by scammers to one Booking.com customer

Another example of a message suspected to have been sent by scammers to one Booking.com customer

Sarah Maynard said she was forced to cancel a potentially magical trip to Thailand in after being targeted by the fraudsters who posed as one of their hotels in August last year.

She told MailOnline: 'We booked a trip to Thailand and one of the hotels was clearly hacked (upon reflection).

'However their email and message through Booking.com said our booking had failed payment verification so we had to re-enter our card details. Unbeknownst to us, it was fraud.'

Sarah said they had £465 taken from her husband's account, with hotel only noticing the issue on their end three days later.

Despite the evidence of the scam and paying on credit card, she was unable to get the money back from her bank. 

'Booking.com did not care and the hotel would not cancel our booking without a fee,' she said. 

'We ended up cancelling the holiday due to this experience.'

Cathy, who was targeted by the scam but was able to keep hold of her money, told MailOnline it was 'appalling' that it was being allowed to take place.

She revealed how she received a message through the Booking.com app in which the scammers 'knew all my details and hotel booking details' and claimed the reservation would be cancelled if she didn't update her card information.

'When I entered the details it buffered for a while and I felt a red flag,' she said. 

According to Booking.com, fraudsters have managed to gain access to the accounts of individual hotels on its platform - meaning they can pose as staff in messages (file image)

According to Booking.com, fraudsters have managed to gain access to the accounts of individual hotels on its platform - meaning they can pose as staff in messages (file image)

Customers of Booking.com have received messages from scammers, who are pretending to be from hotels they have booked (file image)

Customers of Booking.com have received messages from scammers, who are pretending to be from hotels they have booked (file image)

'I have two step verification on my MBNA credit card, the text message showed a higher value, in euros to a gaming company. I didn't authorise it. MBNA cancelled my card so luckily I didn't lose out but it was very convincing.'

The scam has caught eyes in financial industry, with one of Britain's biggest banks urging people to be mindful about potential fraudsters online. 

Lloyds said that while most holiday scams start on Facebook Marketplace, where fraudsters list  fictional holiday homes and take payments from customers before disappearing, the criminals are increasingly looking to more official booking websites to draw victims in.

Lloyds' tips for dodging holiday booking scams 

Purchase tickets and hotel stays from trusted retailers or, even better, direct from the airline or hotel. When booking stays, look for valid reviews on websites such as TripAdvisor.

Always use your debit or credit card. This helps to protect your money should something go wrong.

When booking stays through websites such as Airbnb and Booking.com, only pay through their systems. Do not transfer any money directly to the host.

If you're booking a hotel through a third party – like Booking.com – and receive what appears to be a message from the hotel asking for more money, after the original booking has been confirmed, do not pay this without contacting Booking.com or the hotel directly using the contact details on their websites.

Be cautious on social media. You don't know if the user or what they're selling is genuine and have few ways of checking. If buying a caravan or motorhome, always see the item in person before handing over any form of deposit.

Don't succumb to pressure. If a seller is trying to rush you, or bombarding you with messages, take a step back and question their keenness as this is likely to be pressure selling.

Pay attention to warnings. Your bank is likely to provide a warning when you set up a new payee or make an unusual payment. Be sure to follow any advice provided.

Lloyds said: 'Fraudsters have also been able to compromise the Booking.com mobile app, using it to successfully message holiday makers, posing as a booked hotel.

'While pretending to be the hotel, the scammer will ask for a further payment, to be sent in a different way to the original booking, or for card, bank account or other personal information. It's a sophisticated and layered scam, as it appears to be a message from the genuine hotel, sent through the actual Booking.com app.'

When contacted by MailOnline, a Booking.com spokesperson said: 'We can confirm that Booking.com's sytems have not been breached.

'Some of our accommodation partners have been directly targeted by very convincing phishing tactics, led by professional cyber criminals, encouraging them to click on links or attachments, which in turn has resulted in malware being loaded onto their machines, and in some cases giving unauthorised access to their Booking.com account.

'These bad actors then attempt to impersonate the partner (or even Booking.com) - sometimes very convincingly - to request payment from customers outside of the policy in their booking confirmation, with the attackers sometimes using a sense of urgency often coupled with what appears to be a reasonable context to convince unsuspecting customers to provide them with sensitive information.' 

'In tackling this particular attack, we implemented various safeguards early on but are continuously evolving our approach as these criminals pivot quickly and are using AI and machine learning.'

Some of the measures include: Requiring additional two-factor authentication, banners notifying guests that they should not communicate or provide credit card information via chat or email, Booking.com's own fake reservation detector and removing links sent from partners to guests and only allow pre-approved links.

The spokesperson added: 'As information is key, via multiple email campaigns over recent months, we have also been sharing additional tips and updates with our partners about what they can do to protect themselves and their businesses, including how to work together with us to keep their accounts secure while providing up to date information on the latest trends and techniques we are seeing on a regular basis.'

But despite the preventative measures 'it remains an area of priority and focus for us,' they said.

'We believe that sharing information on the attacks will help others in the hospitality industry improve their own defences.'

Comments