- A click on a fake refund link from Booking.com cost Eveline (41) from the canton of Schwyz almost 9,000 francs.
- The perpetrators used her account to gain access to two other accounts and emptied all three within one day.
- The Federal Cybersecurity Office warns: Fraudsters are increasingly personalizing their attacks with real booking data in order to inspire trust.
“Since the booking number and everything else matched, I clicked on the link.” Eveline (41) deeply regrets this step today. The woman from Schwyz had booked holiday apartments via Booking.com in April and May. After a short trip to Italy, she received a message promising a refund. The link took them to a supposed Twint page.
“Three accounts were cleared within one day”
A day after clicking on the link, Eveline wanted to fill up her car – but her card was declined. When her husband checked the accounts, the shock followed: not only was her own account empty, but also his and the joint property account.
“Within one day, three linked accounts were emptied and almost 9,000 francs disappeared,” says the 41-year-old. The perpetrators gained access to the other accounts using their bank details, moved the money to their account and then withdrew it. “We are speechless that this was possible so easily.”
It was lucky that the damage wasn’t even worse. “Our two payroll accounts with significantly higher amounts were not affected.” The 41-year-old filed a police report and reported the incident to her bank. She has received little support so far. She also sought help from Booking.com, but so far without success.
How do you protect yourself from online fraud like the booking trap?
Booking.com has been struggling with fraud cases for years
Just recently, 20 Minutes reported on the Bernese hotel director FG Several of their guests received Whatsapp messages in which Booking.com allegedly wanted to refund money due to an incorrect debit. The messages contained real booking information and therefore appeared deceptively real.
Last year one transferred A group of friends from Lucerne and Zug paid around 7,000 francs for a luxury villa in Ibiza, which later turned out to be non-existent.
Cybercriminals have also already managed to compromise hotel accounts on Booking.com. They asked guests to update their credit card details via the official booking chat, otherwise the reservation would be cancelled. Booking.com confirmed the incidents at the time.
In addition, there is a data leak that recently became known. According to Booking.com, names, telephone numbers, email addresses and booking details could have been leaked.
Fraudsters are becoming increasingly personal
According to the Federal Cybersecurity Office (BACS), classic phishing emails are increasingly being recognized. For this reason, criminals increasingly began personalizing their attacks.
The authority is currently registering so-called voice phishing and attempted fraud on classified advertising platforms particularly frequently. After a sale, providers receive a link that supposedly leads to the payment of the purchase price. The fake sites often even contain the name of the victim and information about the item being sold.
According to the BACS, despite different meshes, the same warning signals appear again and again. “Scammers often create pressure to force potential victims to act rashly,” says spokesman Max Klaus. Another warning signal is offers that sound too good to be true.
This is how you protect yourself
The BACS recommends the following as the most important protective measures:
- Never enter passwords, credit card or e-banking information on pages opened via a link in a message.
- Always avoid links from SMS, WhatsApp messages or emails.
- Critically question information.
- Don’t let yourself be put under pressure.
Thomas Sennhauser (ths), has been working for 20 minutes since 2020. He started as a video journalist and after two years moved to the news department, where he writes about social issues and analyzes of events abroad.
