Some 10,000 Booking.com customers from around the world fell victim to a fraud scheme and the online travel company has provided refunds to these customers who had reserved hotel rooms with the service, according to published reports.
The BBC reported that scammers phoned Booking.com customers who had hotel reservations and alerted them that they would receive an email from Booking.com. Bogus emails were sent out informing customers that they would have to pay for their hotel reservations in advance — even though Booking.com customers usually pay at the hotel when they stay.
Customers were instructed to pay in advance using banking details that had no connection to the hotels or Booking.com, which is the largest subsidiary in the Priceline Group.
The BBC was tipped off to the scam by someone who worked in one of the phone banks and claims to have been an unwitting participant in the fraud.
Booking.com customers who fell victim to the scheme hailed from the U.S., UK, France, Italy, Portugal, India, and China, for example.
Booking.com refunded some 10,000 customers, according to published reports.
“The company said it was committed to countering fraud and once it noticed a guest was affected by phishing activities, it immediately notified the individual,” the Telegraph reported. “Since the fraud, it has made changes so data can only be accessed from a computer linked to the hotel’s server.”
Hacking incidents and phishing scams inside and outside of the travel industry are taking their toll. In addition to Booking.com, Tours and activities provider Viator fell victim to a data breach impacting 1.4 million customers several weeks ago, and vacation rental provider HomeAway and others have been impacted by phishing scams in recent years.
Booking.com couldn’t be immediately reached for additional comment.