“You won a Booking travel kit” is a new scam attempt: how to recognize it and defend yourself

The message “You have won a Booking travel kit” it is just the latest example of a phishing attempt that uses the name and logo of a well-known company – in this case the Dutch online accommodation booking giant – to deceive victims. This type of action is perpetrated by cyber criminals using emails and messages that imitate official Booking communications to make unfortunate users click on an apparently harmless link, which usually asks them to respond to a short survey. The promised prize – a travel kit or a similar gadget – is just a bait, while the real objective is to obtain sensitive data, such as that of your credit card, taking advantage of the trust that a well-known brand like Booking inspires. For protect yourself from the “Booking travel kit” scam it is essential not to open suspicious links, especially if they are contained in messages of “sinister” origin.

How to understand if a message received via email is a scam

To avoid damage related to Booking travel kit scam it is essential learn to recognize scam emails. Since scammers do everything they can to make their messages seem credible, you need to know where to look when you are about to open a message that has arrived in your inbox. Here are some aspects to pay attention to.

  • Sender address: Official Booking emails only come from domains ending with @booking.comwhile scammers may use similar addresses but with small variations. For example, they can replace the letter “or” with zero “0” to create an address apparently similar to the official one. And this is how the scam address @b00king.com it can easily be mistaken for the official one, confusing the reader’s eye. If you receive a message that seems suspicious, always check the domain carefully: any difference (small or large) is a clear indication of fraud. The official Booking website warns in this sense: «For example, the address “[email protected]” does not come from Booking.com and is certainly dangerous. Do not respond to emails of this type and report them as spam. Booking.com will never make urgent requests without first sending a communication about it.”
  • Message body: Another common feature of phishing emails is spelling and grammatical errors, as well as the presence of unusually constructed sentences. Scammers often use automatic translators to create these messages for delivery to people in various parts of the world, which may be unclear or written in artificial language. Finding errors in the message is another red flag. The same applies if the email is made up only of images and is almost totally free of text. This last one is also a clear alarm bell.
  • Links contained in the message: check Always also the links contained in the message. Without clicking, hover your cursor over the links to see the actual URL. If the link does not contain “booking.com” in the domain, it is likely a phishing attempt. Scam sites may have different domains or names similar to the authentic ones, but which do not correspond to the official site (it is essentially the same as what was already said before about the sender address).
A possible email attributable to the “Booking travel kit” scam

How to protect yourself from the “Booking travel kit” scam

If you can recognize emails related to the “Booking travel kit” scam, you will be less likely to fall victim to the cybercriminals who are spreading it online. Therefore, do not click on links from emails that you have recognized as such, remembering that serious companies like Booking will never ask you to enter sensitive information via messages sent via email. If you are asked to complete a survey and enter information such as your credit card number or banking credentials, stop and ignore such requests.

In the event that you have already entered information on a suspicious site, act promptly. The first thing to do is contact your bank to block any unauthorized access to your accounts. Immediately change the passwords of the accounts involved and report the incident to Booking’s customer service, which will be able to monitor the possible presence of other scams linked to its brand.