"Available Reward" phishing email impersonates Booking.com

Post hero image

Table of contents

A phishing attack that has recently come to our attention is a devious campaign that claims an "available reward" can be claimed from Booking.com. This campaign is particularly concerning because it uses an identical copy of the actual Booking.com email template, which can easily fool even the most vigilant users.

What's even more alarming is the fact that the email appears to come from a legitimate source - in this case, a compromised email account. This is a common tactic used by phishers, who often hijack legitimate email accounts in order to lend an air of authenticity or bypass spam filter with their fraudulent campaigns.

Fortunately, there are some simple steps that users can take to protect themselves from this type of attack. One way to quickly check the legitimacy of an email is to look at the sender's domain. In this case, a closer inspection reveals that the email did not originate from Booking.com, as one might expect, but from a compromised email account.

Another red flag to watch out for is the link included in the email. If you hover over the link, you'll see that it doesn't lead to Booking.com, but to a completely different website. This is a clear indication that the email is a phishing attempt and should be immediately reported and deleted.

In order to protect yourself from phishing attacks, it's important to always be wary of unexpected emails, especially those that claim to offer rewards or require immediate action. Take the time to carefully inspect the email and verify that it's legitimate before clicking on any links or downloading any attachments.

By remaining vigilant and taking proactive steps to protect yourself, you can help ensure that your personal information remains safe and secure. So stay alert, be wary of unexpected emails, and don't let the phishers fool you!

Hoxhunt empowers your employees to shield your organization from threats. Our phishing training is trusted by the world’s leading cybersecurity professionals - maximizing training outcomes by serving every user a personalized learning path that measurably changes behavior.

Want to learn more?
Be sure to check out these articles recommended by the author:
Get more cybersecurity insights like this