Complete News World

Fake hotel staff phishing for credit card details

In its weekly review, the NCSC warns of a scam affecting hotels and their guests. Strangers pretending to be receptionists via Whatsapp and asking for credit card details. Before that, they use malware to steal their booking details.

Strangers are targeting hotel guests with a new scam. The National Cyber ​​Security Center (NCSC) warns of this on its site Review of the fourth calendar week of 2023.

Fake hotel staff…

Scammers contact people who have booked a hotel via Whatsapp and pretend to be the hotel receptionist. They use screenshots of the supposed reservation data to prove this identity. Exact travel dates, address and hotel costs are indeed correct, the NCSC writes. First, the scammers ask for the time of arrival at the hotel before asking the victim’s credit card details or getting them to pay. In the case before the National Center for Sports Security, the messages came from a Dutch number that set off alarm bells for the addressee.

…and fake hotel guests

The NCSC continues to write that the reservation data and the victim’s phone number were stolen using the “Redline Stealer” malware. The malware collects information from browsers, including saved login data that tricks them into opening a file, and then installs the malware, giving scammers access to various hotel accounts.

NCSC makes the following recommendations:

  • Never provide credit card information or passwords when prompted by email, phone, or messaging service.
  • Be wary of emails that require you to take action, and be wary of pressuring him to take action. This could be, for example, clicking a link or opening an attachment.
  • Keep in mind that email or SMS senders can be easily spoofed.
  • The phone numbers that appear when you place a call can also be faked without much effort.
  • Never enter personal information, such as passwords or credit card information, on a website that you clicked on from a link in an email or text message.
  • Install two-factor authentication whenever possible. This provides an extra layer of protection to prevent your account from being hacked.
  • No bank or credit card issuer will ever email you to change passwords or verify credit card information

Last week, the NCSC warned about QR code scams. Among other things, scammers send fake invoices to get payments from their victims. Read more here.

If you would like to read more about cybercrime and cyber security, Subscribe to the newsletter here. The portal provides daily news about current threats and new defense strategies.