New fraud in travel booking called “Reservation Hijack”, rising online scam concerns

Staff Report: PNN

Cybersecurity experts are warning about a new type of fraud targeting online travel bookings. Known as “Reservation Hijack,” scammers are using hotel, airline, or car rental booking information to steal money from customers.

Following a major data breach at Booking.com, international media reports say the risk of such fraud has increased. The leaked data included users’ names, phone numbers, email addresses, and booking information. However, the company said no financial or banking data was compromised.

Experts say fraudsters use booking information to pose as hotel or travel company representatives. They contact customers via phone, email, or SMS and demand urgent payment or re-confirmation of bookings. They often speak convincingly, making it seem like legitimate company staff.

In such scams, victims are usually asked to transfer money or provide credit card details. Fraudsters create urgency or fear to pressure quick decisions.

Cybersecurity analysts say scammers also collect information from social media, email accounts, and travel posts. Therefore, users are advised not to overshare travel plans online.

Technology analyst David Nield said the main goal of these scammers is to gain trust by impersonation. He urged people not to make any payments without verifying identity, no matter how accurate the booking information sounds.

Booking.com stated that it never asks for credit card details via phone, email, or messages, nor requests payments outside official systems.

Experts recommend using official apps or websites only, verifying suspicious calls through official contact numbers, and using strong passwords, separate passwords for different accounts, and enabling two-factor authentication.