Contents:
Tickets for the Eurovision Song Contest in Liverpool sold out in less than an hour on Tuesday (March 7), despite technical difficulties as the Ticketmaster website buckled under the pressure.
However, those who were fortunate enough to obtain tickets are now facing another technological headache: phishing attacks.
Booking.com confirmed to BBC News that some accommodation partners were targeted by phishing emails but denied a data security breach. However, customers should contact their hotels directly if they have any concerns.
Cybercriminals have targeted those with hotel reservations in Liverpool on WhatsApp and pose as hotel staff to obtain personal or payment information. If the victims do not cooperate, they threaten them with a canceled booking.
If you have a hotel booked in Liverpool for @Eurovision via @bookingcom please be aware of a scam going on. Do not reply, do not click on any links! Seems like there’s been a GDPR breach somewhere. pic.twitter.com/bBzVTiNqRB
— Hannah ? (@HannahDaisy) February 9, 2023
Several accounts were affected by cyber-attacks and quickly locked by the travel company. In addition, some businesses had accidentally compromised their internal systems by clicking on links in these messages.
In May, several Eurovision fans contacted the BBC’s Eurovision Cast podcast, describing almost falling for scams related to the accommodation booked for Eurovision.
Because Booking.com or Meta do not police WhatsApp, criminals can cleverly manipulate people in what appears to be an official form of communication. As a result, it is best to keep all communication to known and trusted channels and to never part with money outside of the official media.
As part of the competition, Marc Deruelle booked an apartment through the travel site for himself and three friends to stay in Liverpool “for a pretty reasonable price.”
He was contacted on WhatsApp by someone claiming to be a receptionist, asking first if he needed parking and then claiming there was an issue with his payment, with a similar problem appearing on Booking.com.
He told BBC News, “I thought this must be OK.” Then he received a text message and a phone call from the bank, telling him someone was trying to scam him. It was planned to transfer about £800 to Uganda, but luckily the transaction was canceled.
I felt foolish because I’d never come close to being scammed before. It just took the fun out of it, and I don’t want to go any longer because they’ll know all my details and that I’m away from home, so I canceled.
Marc contacted his lodging provider, who informed him that it had heard similar stories, which the BBC has confirmed.
If customers have concerns, UKHospitality, representing over 700 companies, advises them to deal directly with hotels rather than third-party booking platforms.
Hotels rarely contact you on WhatsApp. For the first time, you’ve got a lot of young people in particular who wouldn’t normally book and travel to these events, and scammers are taking advantage of those who are vulnerable.
Such phishing scams are thought to be more widespread than in Eurovision and the city of Liverpool.
It is unclear how contact information for those being targeted became public, but Booking.com claims that this is due to a data breach on some of the hotels with which it works.
Booking.com confirmed that no legitimate transaction would ever necessitate a customer providing credit card information over the phone, text message, or email.
If you liked this article, follow us on LinkedIn, Twitter, Facebook, and YouTube for more cybersecurity news and topics.