Scammers Are Impersonating Hotels on Booking.com

Booking.com is trusted by millions of travelers. But what happens when the platform’s own communication system is turned into a tool for scams?

In recent years, travelers have reported a disturbing trend: scammers gaining access to internal messaging system and posing as hotel staff. These messages often seem legitimate — but they’re not. They're part of an increasingly common tactic that’s costing travelers real money.

With the summer season underway and people travelling more, attempts to scam users are likely to increase.

💬 The Booking.com Chat Scam: Step-by-Step

Here’s how the scam works:

1. You book a hotel through Booking.com . Everything seems fine. You get a confirmation, maybe even a friendly welcome message.

2. A few days before your stay, you receive a message through Booking.com’s official messaging system. It looks like it’s from the hotel — same name, same tone. It might say something like:

   “Dear guest, due to a system issue, we kindly ask you to reconfirm your credit card details via the secure link below.”

3. The message includes a link to a fake payment page, often made to look like Booking.com or the hotel’s site.

4. You enter your details — and just like that, your card is compromised.

🚩 What the Messages Often Look Like

It is important to reiterate that these messages may come to you from a legitimate-looking accommodation provider in the official Booking.com messaging system.

Here are real-world examples of scam messages. Fraudulent links are marked in red:

🤯 How This Scam Works

• The messages appear inside Booking.com’s platform, giving them immediate legitimacy.
• They often reference your reservation details, adding a sense of trust.
• The language is professional, often mimicking official hotel communication.
• Many travelers assume if a message comes through Booking.com, it must be safe.

But that’s the trap.

🕵️ How Scammers Get Access

You may be wondering how scammers can get into conversations with clients. Most likely through phishing  or sophisticated malware, attackers can get in and then see all the details of accommodation, payments and guests.

Sometimes it takes several days or even weeks for the accommodation provider to discover that their account has been compromised. Unfortunately, the Booking.com platform itself does not have sufficient measures to prevent this type of fraud. In addition, their support response time is very long, and by the time the situation is resolved, a large number of people may have been scammed.

🧠 How to Protect Yourself

• Carefully check all links sent to you on the Booking.com platform.
• Don't click on links that look suspicious or unusual.
• Never click on links sent via Booking.com chat asking for payment in a non-standard way outside the Booking.com website.
• Contact the hotel directly via phone or their official website to verify any unusual requests.
• Report suspicious messages immediately to Booking.com’s customer service.
• Take screenshots of any suspicious messages as evidence.

Tip! Use Safe Surfing  — easy to use and lightweight VPN in our Redamp.io application that can filter out malicious URLs.

Sources:

• grahamcluley.com 
• theguardian.com 
• cyberfraudcentre.com 
• malwarebytes.com