1. Forum
  2. tqwNet
  3. TQW GENTECH

  • Booking.com phishing scam uses secret characters to trick victims

    From TechnologyDaily@1337:1/100 to All on Friday, August 15, 2025 22:15:08
    Booking.com phishing scam uses secret characters to trick victims - last-minute holiday hunters beware

    Date:
    Fri, 15 Aug 2025 21:03:00 +0000

    Description:
    Hackers are using Unicode to hide malicious pages and deliver malware.

    FULL STORY ======================================================================Cybercri minals are using the Japanese alphabet to spoof Booking.com Scammers are targeting people with listings on the site Users are advised to carefully review incoming messages

    Cybercriminals are spoofing Booking.com with a clever use of Unicode characters in their phishing landing pages to spread malware .

    Independent security researcher alias JAMESWT recently reported seeing phishing emails being sent to people listing their real estate on the popular lodging reservation service. In the email, the victims are told that someone complained about their listing, and that they should review it fast or face termination.

    The email also provides the link which when opened, at first glance looks legitimate. However, upon closer inspection, it can be seen in the URL that instead of the forward dash character /, the link actually uses - a Japanese hiragana character representing the sound n. Typosquatting

    Hiragana is one of the three main scripts used in written Japanese, alongside katakana and kanji.

    Those that fail to spot the trick and open the site will get served a malicious MSI installer from a CDN link. The researcher added that samples of the malicious site are already available on the cybersecurity platform MalawareBazaar, and that the any.run analysis already shows the infection chain.

    It is believed that the attackers are spoofing Booking.com to deliver infostealers and remote access trojans (RAT).

    Replacing a single character in the URL, in order to trick victims into opening websites, is a long-established practice. It is called typosquatting and banks on the victims not being careful when reviewing the URL they are opening.

    Booking.com, being one of the most popular lodging reservation services in
    the world, is often spoofed in such attacks, together with the likes of Amazon, Microsoft, DHL, and others.

    Defending against these attacks is relatively easy, and requires users to
    slow down and carefully review incoming communications, especially
    unsolicited messages. Double-checking links, attachments, websites, and thinking twice about sharing sensitive data is the best course of action
    these days.

    Via BleepingComputer You might also like Microsoft warns about a new
    phishing campaign impersonating Booking.com Take a look at our guide to the best authenticator app We've rounded up the best password managers



    ======================================================================
    Link to news story: https://www.techradar.com/pro/security/booking-com-phishing-scam-uses-secret-c haracters-to-trick-victims-last-minute-holiday-hunters-beware


    --- Mystic BBS v1.12 A49 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)