A Trap Instead of Housing: How Fraudsters Lure Money from Booking.com and Airbnb

A Trap Instead of Housing: How Fraudsters Lure Money from Booking.com and Airbnb

ESET – the leader in cybersecurity – warns of the spread of new scams on popular accommodation booking platforms such as Booking.com and Airbnb. According to ESET telemetry, booking fraud began to gain momentum in 2024. The number of cases of accommodation-related fraud increased sharply in July, with detections more than doubling.

The scammers send an email to the victim of one of the above platforms, claiming a problem with the payment for the booking. The email contains a link to a fake web page disguised as a legitimate one. The page contains pre-filled booking information such as check-in and check-out dates, price and location, and the information provided on the fraudulent pages matches the real bookings of the users. The cybercriminals use the Telekopye toolkit, which operates as a Telegram bot, ESET said.

“The fraudsters use compromised hotel and renter accounts on the platforms, which they likely obtain by purchasing stolen credentials on cybercriminal forums. Using access to these accounts, the fraudsters select users who have recently booked a stay and have not yet paid, or have only recently paid,” explains Radek Jizba, a researcher at ESET. “This approach makes it much more difficult to detect the fraud, as the information provided is personally relevant to the victims and the websites look like legitimate platforms. The only visible signs of fraud are malicious website addresses that differ from the safe resources."

 

The scheme uses the Telekopye toolkit, which operates as a Telegram bot to turn online fraud into an illegal, organized business. It is used by dozens of fraudulent groups, which have up to several thousand members, to steal millions of euros from their victims. Fraudsters do not need any technical knowledge, since Telekopye does everything in a matter of seconds.

 

The growing popularity of online marketplaces attracts fraudsters who prey on buyers and sellers, seeking to obtain bank card information. The rise in booking fraud coincides with the summer holiday season. According to data for 2024, these new types of scams accounted for about half of the detected malicious variants disguised as marketplaces. The new scams are primarily focused on just two platforms – Booking.com and Airbnb.

 

“Before filling out any forms related to your booking, always check that you haven’t closed the official website or program of the relevant platform. Redirecting to an external URL to continue booking and payment may be a sign of a scam,” advises an ESET researcher.

 

In late 2023, after ESET researchers reported on Telekopye, Czech and Ukrainian police arrested dozens of cybercriminals who used Telekopye, including key players, in two joint operations. Both operations targeted Telekopye groups, which police estimate have amassed at least €5 million since 2021.

 

To protect against such fraudulent schemes, ESET experts recommend being careful when filling out online forms, checking the website address before entering personal data, and using a reliable solution to protect all devices from various threats, including dangerous sites that are fraudulent tools.