Booking.com users targeted in a new hotel scam

A sophisticated scam is targeting holidaymakers by hacking into official hotel accounts on Booking.com, where criminals take over accounts to steal money and leave travellers devastated.

The scam works via a phishing attack that targets hotels, not guests. This allows criminals to hijack official hotel accounts and then contact customers using their real booking details, making the fraud incredibly difficult to spot.

"A Sick Feeling": Victims Share Their Stories

Victims have lost thousands. Brendan was defrauded of €950 after an urgent email warned his booking was "in danger of cancellation."

Steve lost €1800 from a message that looked like a normal confirmation. "You get that sick feeling in the pit of your stomach," he recalled.

Another user, Judith, narrowly avoided a WhatsApp scam after spotting a suspicious international phone number, despite the message containing her correct travel information.

An "Industry-Wide Problem" Fueled by AI

The sophistication of this scam makes it dangerous, as it exploits trusted platforms. This type of online fraud is a growing, industry-wide problem, potentially fuelled by AI.

Booking.com reported a recent 900 per cent increase in travel scams and confirmed it is working to enhance security. Data shows UK travellers lost over £11 million to such scams in 2024, with an average loss of £1,844 per victim.

How to Protect Yourself from Booking Scams

To protect yourself, always double-check the payment policy on your original reservation. Treat any unexpected request for an additional payment as a major red flag.

If in doubt, contact the hotel directly using a phone number you have found independently, not one provided in the suspicious message.