Booking a holiday stay? Watch out for scammers, say Czech police

A growing wave of online fraud is targeting users of accommodation booking platforms, experts warn, as scammers hack legitimate accounts to trick travelers into providing payment information. The scheme primarily affects short-term rentals and hotel reservations, but cases have also been reported with long-term rentals, according to the Czech Police.

One victim, Petra Hovorková, shared her experience with ČT24, describing how her family nearly fell for a scam while booking a hotel in Germany. “We received a message that looked like it was from Booking.com, warning that our reservation was at risk of cancellation,” Hovorková said. “It was early evening, and with kids to manage, we felt pressured to act quickly.”

The message claimed her room was unpaid and requested updated payment details, directing her to a link that closely resembled the booking platform's site. “There was no poor English or obvious red flags,” she noted. Although Hovorková provided her card information, her bank intervened and blocked the transaction, saving her from financial loss.

Jakub Vinčálek, spokesperson for the Czech Police, reported an increase in similar scams nationwide.

“We have recorded these cases across the country. It was not only fraudulent dealings in connection with the platforms through which accommodation is chosen, but also in connection with offers of longer-term rentals,” he said.

By using these real accounts, fraudsters can communicate directly with travelers, making their requests harder to detect as fraudulent. Attackers often include accurate reservation information, such as check-in and check-out dates, names, and payment amounts, adding credibility to their messages.

According to cybersecurity experts, vigilance is essential. Jakub Souček, head of crimeware research at ESET, advised travelers to check website URLs carefully. “Look closely at the last two parts of the URL address. If it doesn’t end in ‘Booking.com’ or ‘Airbnb.com,’ it’s a likely indicator of a scam,” he warned.

If users have already shared personal information or sent payments, they should contact their banks immediately to dispute unauthorized transactions, Marek Macháček, a cybersecurity expert with Komerční banka told ČT24.

With the holiday season approaching, experts anticipate a rise in fraud targeting travelers planning winter vacations. Authorities urge users of booking platforms to remain cautious, verify the authenticity of any payment requests, and report suspicious activity to their banks and the platform.