A new phishing campaign impersonating the Booking website is currently spreading via email. Here are the signs you should look out for to spot the fraud.
Microsoft has spotted a phishing campaign in progress. It impersonates the accommodation booking site Booking by imitating its graphics. This isn't the first time this has happened, but here the modus operandi is a little different. It all starts with the receipt of an email claiming that you need to complete a “quick verification process” to “ensure the security of your Booking account”. To do this, you must click on a button labelled “Confirm my identity”.
First of all, Booking has no reason to send you this kind of email. If the site believes that your username or password has been compromised, it can certainly warn you, but without asking you to click on a link embedded in the message. Simply log in to your account from the service's homepage to check if everything is in order.
Secondly, the vast majority of emails of this kind attempt to scare you by simulating a sense of urgency. This is the case here with a box which indicates that if you do nothing within 24 hours, your access to Booking will be blocked. Again, there's no need to rush. You can go to the website or even call customer service to check what's going on.
Finally, and this is the most obvious sign that it's a scam, here's what happens if you click on the button anyway. You arrive on a website whose blurred background is reminiscent of the Booking interface. In the center of the screen, a popup poses as a CAPTCHA to verify that you are not a robot. Except that it is solved in a very strange way.
The CAPTCHA asks you to press Windows + R on your keyboard, which opens the Run dialog. Then you are told to press CTRL + V, which pastes a command line that the fake site has previously placed in your clipboard without your knowledge.
And finally, you are told to press Enter to validate everything. This is what launches the installation of several pieces of malware on your machine. These will then find your personal data (passwords, bank details, etc.) and send everything to the hackers.
As you will have understood, no CAPTCHA will ask you to do this. Solving a puzzle, picking the odd one out in a list, yes, but not that. As we repeat every time: if you have the slightest doubt, do not click on anything and directly contact the site or brand that appears to be the origin of the message.
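A check a defender could run after a suspected fake-CAPTCHA paste, as an added example that is not from the article or from Microsoft: Windows keeps the Run dialog's history in the current user's RunMRU registry key, and this Python script flags entries that start a script host or download tool against a remote location. The launcher list, the two heuristics and the sample entries are assumptions constructed for illustration.

```python
import re
import sys

# Run-dialog history: each value holds a typed command followed by "\1".
RUNMRU = r"Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU"
# Assumed heuristics (not from the article): the entry starts a script host
# or download tool AND points at a remote location.
CHECKS = {
    "launcher": re.compile(
        r"\b(powershell|pwsh|cmd|mshta|wscript|cscript|rundll32|regsvr32|"
        r"curl|certutil|bitsadmin|msiexec)(\.exe)?\b", re.I),
    "remote": re.compile(r"https?://|\\\\[\w.-]+\\", re.I),
}
# Constructed sample, not data from the campaign.
SAMPLE = {"MRUList": "cab", "a": "notepad\\1", "b": "cmd\\1",
          "c": "mshta https://verify.example.invalid/c\\1"}

def reasons_for(command):
    """Return the names of the heuristics one Run entry matches."""
    cmd = command[:-2] if command.endswith("\\1") else command
    return [name for name, rx in CHECKS.items() if rx.search(cmd)]

def triage(entries):
    """Return (value name, command) pairs to review, most recent first."""
    order = entries.get("MRUList", "")
    names = [n for n in order if n in entries]
    names += sorted(n for n in entries if n != "MRUList" and n not in names)
    return [(n, entries[n]) for n in names
            if len(reasons_for(entries[n])) == len(CHECKS)]

def read_live_runmru():
    """Read the current user's RunMRU values (Windows only)."""
    import winreg
    entries = {}
    try:
        with winreg.OpenKey(winreg.HKEY_CURRENT_USER, RUNMRU) as key:
            for i in range(winreg.QueryInfoKey(key)[1]):
                name, value, _ = winreg.EnumValue(key, i)
                entries[name] = str(value)
    except FileNotFoundError:
        pass  # the key may be absent if the Run dialog has not been used
    return entries

if __name__ == "__main__":
    data = read_live_runmru() if sys.platform == "win32" else SAMPLE
    for name, command in triage(data):
        print(f"review: {name} = {command}")
```

An empty result does not clear the machine: the history covers only the current user and can be cleared, so treat a hit as a reason to investigate rather than the absence of one as proof nothing ran.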
Source: Microsoft Security