A growing network of online scammers is targeting users of popular accommodation booking platforms such as Booking.com and Airbnb.
According to new findings from ESET researchers, these cybercriminals use a Telegram-based toolkit called Telekopye, which has been operating since 2016.
Focusing initially on scamming online marketplace users, Telekopye groups have expanded their tactics to exploit the hotel and apartment booking sector.
Telekopye enables scammers, referred to as “Neanderthals,” to conduct well-organized phishing campaigns.
The toolkit provides easy-to-use features, including the generation of phishing emails, SMS messages and fake payment websites.
By compromising legitimate hotel accounts, scammers contact users with claims of issues related to booking payments, leading victims to provide sensitive payment details on fraudulent websites that closely mimic the real platforms.
How Cybercriminals Use Telekopye to Defraud Travelers in 2024
ESET now warned that the scammers’ tactics have grown increasingly sophisticated, often using information from actual bookings – obtained from compromised accounts of legitimate accommodation providers – to deceive victims.
For instance, users might receive emails or messages from seemingly official channels, making the scams more challenging to detect.
ESET researchers observed a surge in these accommodation-themed scams during July 2024, which, for the first time, surpassed Telekopye’s original marketplace-targeted scams.
Read more on accommodation booking scams: Booking.com Customers Targeted in Major Phishing Campaign
Besides the new targeting methods, Telekopye groups continue to improve their tools and operations.
These enhancements include automated phishing page creation, on-the-fly translation and even anti-DDoS measures to protect their fraudulent websites from disruption.
Despite law enforcement operations in late 2023 that led to several arrests, the scam networks persist.
“The best way to stay protected against scams driven by Telekopye is being aware of Neanderthals' tactics and exercising caution on the affected platforms,” ESET said.
“Besides knowing what red flags to pay attention to, we strongly recommend using a reputable anti-malware solution on your device to step in if you do end up being lured to a phishing website.”
Additionally, utilizing strong passwords and enabling two-factor authentication are recommended as key steps for safeguarding online accounts.
Image credit: mama_mia / Shutterstock.com