targeted in major new phishing campaign

A compromised hotel account was used in an elaborate phishing scheme aiming to empty customer bank accounts

Oct 2, 2023

An unnamed hotel has had its account compromised, with the threat actors using this access to get a list of its clients, as well as their personal data: names, booking dates, hotel details, and partial payment methods.

Then, they crafted a malicious landing page, seemingly identical to the original site, and reached out to people who’ve had bookings coming up.

In the message, they said that the bookings were at risk of cancellation within a day, if the users didn’t “test” their credit card details - by submitting them on the fake landing page.

Get the full story at Yahoo! Finance

Related must-reads