In Turkey, a new type of deception of tourists during bookings has spread: fraudsters have discovered a vulnerability in the BookingCom service and are almost legally extorting money from tourists. At the same time, the service is in no hurry to return funds to the victims.
Turkish travel publication Turizm Guncel said the victim who uncovered the scheme was a British citizen of Turkish origin who was tricked by BookingCom into booking a room at the Ada Julian Hotel in Marmaris for the new year, with the cancellation supposed to be free.
According to the affected tourist, he received an email from the Ada Julian Hotel through BookingCom, which said: “Confirm the booking”. As soon as he clicked on the link, the booking fee that was supposed to be debited on December 19 was debited from his account at that moment. The outraged tourist canceled the reservation and began to wait for a refund since the cancellation was free.
But here the details became clear: the refund, which was supposed to be made within 3 days, was never made. At Booking, the tourist was initially promised that the return would be made within 7-12 days. But there was no return for a month.
In this way, it turned out that Booking has a vulnerability — and a new fraud began to take place through the service. “Fraudsters who have hacked a hotel on the service send you a confirmation email on behalf of the hotel via BookingCom. When you click on this email, money is withdrawn from your account via the link. In the course of my research, I realized that many people were deceived in this way,” said the tourist.
At the same time, the hotel does not receive any money. It was even managed find out that the money is withdrawn by the Cypriot company for the production of casinos, games, and cryptocurrencies Hellcase, the publication writes.
BookingCom says: “Our security department is investigating the incident”, but there is no result and no compensation is being paid. At the same time, the bank said that it would return the money to its client if an official letter was received from BookingCom that they were hacked.
There is a serious security vulnerability here. On the BookingCom website, the customer panel has a customer service section for both the hotel and Booking. There is a security breach here, hackers come in and attack you, and your information is stolen,” the tourist added. He urges his “brothers in misfortune” not to go to the links in the letters sent by the object of accommodation through Booking.