Take our user survey and make your voice heard.
Image: Screenshot of Booking.com website
crime

Over 100 hotels in Japan fall victim to Booking.com phishing scams

20 Comments

The requested article has expired, and is no longer available. Any related articles, and user comments are shown below.

© KYODO

©2024 GPlusMedia Inc.

20 Comments
Login to comment

Fraudsters send emails to Japanese hotels to access their Booking.com management system. The email contains a link, which infects a computer once clicked.

This quite sophisticated, it's not random poising. So the attacker already know which people that have active booking then impersonate as if it come from those hotel trying to ask additional information need to be inputted by customer.

-9 ( +3 / -12 )

I’m guessing this happened mostly to family owned ryokan hotels? Overpriced but they really do go above and beyond in making preparations for their guests.

2 ( +5 / -3 )

To Gaijinland

No, it happened to me with a huge resort in Okinawa. The fake requenst indeed contained the original booking reference, but the requested amount was unrealistically high as well as the containing links were obvioulsy fake.

11 ( +11 / -0 )

Oh crap...I have just used this service to make a booking.

Better of dealing with the service provider {hotel etc. } directly.

Saving grace is my c/c is always maxed out with little room for theft.

Dastardly computer hackers !!!

-3 ( +2 / -5 )

Blame it on the Internet Providers and Cellular services that keeps signing up on providing a life line to these Scammers.

Greed is their top priority, they don't care what happened next.

-8 ( +1 / -9 )

Used that site last month but thankfully had no problems. I invest in Internet security and use Avast anti-phishing, etc. but have spoken to quite a few Japanese people who do not use any kind of internet security. Maybe both the companies and their customers didn't see the need. Until now.

1 ( +2 / -1 )

Japan is a safe country. Hackers can't read Japanese.

Sorry, that is not the right way to think. Internet security is extremely lax in Japan. My browser often flashes a warning about Japanese sites. It says the site is unencrypted and warns that credit card information could be stolen. I get this on Firefox and Chrome.

When a url starts http://, it is unencrypted and dangerous. Encrypted websites start https://. Also, the browser shows a lock. Why do so many Japanese companies, even quite large ones, not understand this?

Wake up Japan.

3 ( +8 / -5 )

Using emails to make an action (using link) is very risky in all cases.

Always check and exchange information trhough the official site and no link/file to be used. That is the standard.

So I don't understand : such type of phishing has been existing for a long time (asking you more money with sudden change of conditions). Basics of cyber security.

And also using any antivirus (free) is basics

Need to upgrade.

The hackers based abroad will never be found for sure alas.

By the way, it has nothing to do with booking.com's fault.

0 ( +2 / -2 )

I have used Booking.com for a lot of reservations.

I would say, majority of online sites have probably no safeguards to detect phishing

or other scams. I will have to be careful in future.

When I receive scam sounding email, I hover over the sender's email address and fake email stands out and nothing like from where the sender is stating.

1 ( +1 / -0 )

It sounds like the hotels are being targeted, leading to breach of customer data. The solution is for the hotels to be more careful with fraudulent emails, just like everyone else.

2 ( +2 / -0 )

Agree - probably Booking.com should train those establishments that have lax security guard.

For the users that were consequently targeted, hoovering over the address works on PC but not on a smartphone where you have to click and then it's too late. That might be one of the reasons why so many people fall into these scams recently. Even my wife got caught with Rakuten entering her details...

0 ( +0 / -0 )

Hackers can't read Japanese.

Garbage. What about those born here.

0 ( +1 / -1 )

No, it happened to me with a huge resort in Okinawa. The fake requenst indeed contained the original booking reference, but the requested amount was unrealistically high

You were lucky then you got alerted. Requested amount should have been low to entice you to pay

0 ( +0 / -0 )

Seems like it’s not booking.com but hotels employees and email systems that allow any link to be clicked upon by anyone. Hotels demanding booking.com anything is kind of ridiculous even for Japanese. Their own people (the hotels) clicked on a link that provided their credentials to someone else’s. The only think booking.com could do is ip hardwire hotels login but then they will complain its to difficult when their IP addresses change. Really up to hotels to have their system updated with the latest technology to stop apparent clicking on external links.

0 ( +0 / -0 )

We have never used Booking.com or any booking site - what's the appeal?!

You never get a better deal than what you can get going directly to the hotel/ryokan or airline. It's a msytery to me.

-1 ( +0 / -1 )

> GuruMickToday  09:11 am JST

Oh crap...I have just used this service to make a booking.

Better of dealing with the service provider {hotel etc. } directly.

Saving grace is my c/c is always maxed out with little room for theft.

Dastardly computer hackers !!!

Curious, why DID you go to booking.com instead of going direct to the hotel?!

-1 ( +0 / -1 )

You never get a better deal than what you can get going directly to the hotel/ryokan or airline. It's a msytery to me

That's not true, there are various promo rates that properties allocate for OTAs. Another advantage is the unified search and booking experience. I gave up multiple times trying to book some Japanese hotels on their websites, not only it would cost more, the reservation flow was nightmare.

However, hotels and airlines like direct bookings because they have more money out of it. And it's generally easier to get support vs going through an OTA.

0 ( +1 / -1 )

I just hope that this article will help in creating more awareness about this scams.

0 ( +0 / -0 )

Booking.com charge healthy commissions, so I can't say I'm too sympathetic if they are having to do a bit of extra work for their money.

Even if things are being compromised at the hotel side, it sounds like some of the scammers are getting the info from Booking servers using the hotel's login. Which means that tightening up the login (no stored passwords, two or three step authentication etc.) would stop this happening. I cannot log into Mercari on my computer without a text message to my phone. That's just to buy a second-hand something that might cost 1000 yen.

-1 ( +0 / -1 )

GuruMickApr. 15  09:11 am JST

Oh crap...I have just used this service to make a booking.

Better of dealing with the service provider {hotel etc. } directly.

I do both, or rather I check online pricing along with the hotel’s website and even with the airline I’m flying with as they sometimes have deals

Saving grace is my c/c is always maxed out with little room for theft.

LOL!

0 ( +0 / -0 )

Login to leave a comment

Facebook users

Use your Facebook account to login or register with JapanToday. By doing so, you will also receive an email inviting you to receive our news alerts.

Facebook Connect

Login with your JapanToday account

User registration

Articles, Offers & Useful Resources

A mix of what's trending on our other sites