With the arrival of the holidays of summerthe seekers of trips are filled with users finalizing their reservations transportation either accommodation facing the summer season. The cybercriminals You can use this to your advantage. aggressor to the netizens by means of the impersonation of these pages. This is the case of a group of swindlers who use the “last minute reservations” of the portal booking.com What bait.
the company of security Computing ESET has warned of this fraud through its Blog corporate, where he explained the method what are these criminals to win the confidence of the user and manage to enter a malicious executable on your computer to get the control of the same.
🏨 “New last minute reservation” Mail supplanting @bookingcom used to spread malware.
✈️ Taking advantage of the holidays that many are about to enjoy, criminals launch a new campaign that supplants this well-known company.
➡️ https://t.co/WODJceAJLS pic.twitter.com/GTqG4AB3b8
— ESET Spain (@ESET_ES) July 8, 2022
Invoice and ‘malware’
As ESET explains, these cyber attacks they use the impersonation travel search engine Booking to send an email with the subject “Booking.com- New last minute booking (1831659520)”. In the message the user is asked to confirmed if you requested the payment method or, on the contrary, to cancel it: “See the attached file by Confirm who requested the method of payment either cancel it now”, is requested in the mail.
In the document in question, a supposed invoice corresponding to a Reserve of a Department in Salou through the Booking.com platform. In case you win the confidence of the user, this continues to consult the second file attachment, where is the malicious executable: “They include malicious code, known as ‘Gu charger’which is used as ‘malware‘ of the first phase to download other threats related to ‘spyware’“.
In this way, cybercriminals they manage to get hold of him control of the affected computer, getting all kinds of data of the user to, finally, ask for a bailing out or supplant the identity of the same.