Do you use Booking or Airbnb? Watch out for a new scammer trick!

  • Internet criminals have discovered a new area of activity: accommodation platforms
  • They abuse compromised accounts of accommodation providers
  • The scams no longer spare even Czech-speaking users

In its report, ESET warns against a new fraudulent trend. If you've ever tried to sell anything through an online bazaar, you've almost certainly heard from an interested party who didn't care at all about the condition of the goods and immediately sent you an address, saying that he would arrange delivery via a carrier. If you continued the communication, you would find that he directed you to a copy of that carrier's website, where he would try to extract payment information from you under some pretext. Now these fraudsters have started abusing, in a big way, the good name of accommodation platforms such as Booking.com or Airbnb.

A typical scenario looks like this: a cybercriminal first compromises the poorly secured account of an accommodation provider. Then he sends you a message saying that there were problems with the payment. The email directs you to a page that looks like the official website of the platform but is in fact a well-made copy. The page contains pre-filled booking information such as arrival and departure dates, price and location. In addition, the information provided on the fraudulent sites corresponds to the real reservations made by users. The goal of the fraudsters is to get victims to enter their payment card details into forms on the fake sites.

The danger of these attacks keeps growing, as does the sophistication of the tools at cybercriminals' disposal. Specifically, these frauds are carried out with a tool called Telekopye (a combination of the words Telegram and "spear"). It is a tool that works as a so-called Telegram bot. It allows even less technically proficient attackers to create phishing pages from preset templates, generate QR codes and fake screenshots, and send fraudulent e-mails or SMS messages.

Graph of usage of the Telekopye tool

Radek Jizba, an expert from the research team of the Prague branch of ESET, says:

While in the case of frauds on online bazaars, attackers tend to be most active around paydays, when they assume that people will spend more of their money, in the case of frauds on accommodation platforms, they mainly used the summer vacation period. Considering the large increase in this new type of fraud, it can be assumed that the new scenario is attractive enough for fraudsters to continue in the future. Scams target users regardless of where they come from. And since services such as Booking.com or Airbnb are also popular among Czech users, they should be careful when booking stays through these platforms, especially around major holidays and vacations.

I would advise users to always ensure that they have not left the official website or app of the platform before filling out any forms related to booking a holiday. If you are redirected to another, external URL where you should complete the reservation and then make the payment, you should be careful. Such behavior may indicate possible fraud.

Unfortunately, it is no longer true that our not very widespread and complex language at least partially protects the Czech Republic from fraud. Given the capabilities of artificial intelligence, it is not a problem for fraudsters to maintain a credible-looking conversation in Czech. The only thing that can be recommended is to be careful, especially in situations where anything unusual happens, and above all when it comes to payments.

ESET does not recommend contacting the accommodation provider in case of doubt, because their account is compromised and you would actually be communicating with the same scammers. In case of doubt, contact the accommodation platform directly.

Have you been the target of a similar attack?

Source: ESET

Source: www.svetandroida.cz