Cyber crooks have targeted travel firm Booking.com in a bid to steal hundreds of thousands of pounds from customers.
Users were sent WhatsApp and text messages claiming a security breach meant they needed to change their password.
But the link gave hackers access to bookings and they then sent follow-up messages demanding full payment for holidays in advance with bogus bank details provided. These appeared genuine as they included personal data including names, addresses, phone numbers, dates and prices of bookings, and reference numbers. Marketing manager David Watts, 35, of Newcastle, got a WhatsApp message but realised it was a scam. He said: “It looked very believable and I can believe people fell for it.” But even if customers did not fall for the scam, the hackers still got personal data.
Booking.com insists its systems were not compromised, but said hotels it works with on a separate portal were and customers will be compensated.
