Skip to content
SPECIAL

THREATS TO CRITICAL INFRASTRUCTURE IN IRAN CONFLICT

READ MORE

Booking.com phishing scam uses fake CAPTCHA to install AsyncRAT

(Image by Rodrigo Salomón Cañas from Pixabay)

By Waqas

A new phishing campaign is targeting hotel staff with fake Booking.com emails, tricking victims into executing malicious commands on their own systems. The scam appears well-planned, combining social engineering with the end aim to infect and compromise hotel networks with AsyncRAT.

The attack begins with a message that appears to come from Booking.com. The email claims a guest has left behind important personal belongings and urges the hotel manager to click a button labelled “View guest information.”

The email is polite, urgent and designed to look legitimate, typical of social engineering attempts designed to trick people into clicking without thinking.

Read more at Hackread

Click to listen highlighted text!