The French hotel industry is currently the target of a phishing campaign, has just revealed the National Group of Independent Hotels and Restaurants (GNI). The employers’ organization indeed reported, this Friday, January 13, the detail of the strategist who must allow an attacker to take control of the Booking space of a hotelier, the famous room reservation platform, then to defraud clients.
The GNI thus mentions the sending of messages by false customers to a hotel. In one of the examples presented by the employers’ organization, the sender asks the recipient to help guide his elderly parents. A link to photos hosted by Google Maps is mentioned. The sender also specifies that the link must be opened on a Windows computer and not a smartphone.
Taking control of the Booking space
In reality, opening the link triggers the downloading of “a set of viruses”, whose names are not specified. It is probably a Trojan horse, which will notably steal saved passwords. This then allows the attacker to take control of the target’s Booking space.
Once in possession of the Booking space of the targeted hotel, cybercriminals have control over exchanges with customers. Hackers can then change hotel rates to make the destination much more attractive, thus facilitating scams and new hacks. According to the GNI, attackers ask customers for their credit card number and trick them into clicking on a link.
A criminal investigation is underway, which has been entrusted to the police officers of the Central Office for the Fight against Crime Related to Information and Communication Technologies, after a report from the GNI sent to the national Cybermalveillance platform. The extent of the scams that may have already been carried out by cybercriminals is unknown.
target of choice
The hospitality industry is a prime target for hackers. This sector handles valuable financial information. But the attack surface goes beyond bank cards alone, as evidenced by attacks targeting public Wi-Fi access points.
The Kaspersky company had reported several malicious campaigns aimed at controlling hotel management systems. The company had also recommended that people booking rooms use a virtual wallet or a secondary credit card to avoid the risks associated with a future compromise of their hotel.