We use Booking.com for our business travel, so this story was going to make the news this week.
ClickFix attack delivers infostealers, RATs in fake Booking.com emails
This is a long running phishing campaign that is obviously still having success in trapping victims – targeting organisations that use Booking.com for their reservations. The attack aims to steal the user’s Booking.com credentials, then stealing payment and personal information from the platform. Some of this information can then be used for further attacks.
Your Takeaway
Last year’s UK Government’s Cyber Security Breaches Survey, yet again showed that phishing is most prevalent cyber-attack.
Cyber security breaches survey 2024 – GOV.UK
Phishing attacks are easy to initiate – how many people and/or websites have you given your email address to? – and offer high return to the threat actors for minimal effort. Make that effort wasted by signing up for our Cyber Security Awareness Training. Do not put it off because you have something more important to do – one click and the threat actors win.
Clive Catton MSc (Cyber Security) – by-line and other articles