Summer is here and if you haven’t booked your holiday travel plans yet, you’re going to want to be extra careful when doing so. The reason being, hackers are now using popular booking sites to infect unsuspecting travelers with dangerous password-stealing malware.
According to the cybersecurity firm Malwarebytes, a new campaign has been spotted online that uses malicious links on social media and gaming sites to trick people into visiting fake sites impersonating the popular online booking service Booking.com.
Given that almost half (40%) of people book their travel through general web searches, there are plenty of opportunities for hackers to lead them astray in an attempt to steal their hard-earned cash and sensitive data.
Here’s everything you need to know about this new campaign along with some tips and tricks to help you stay safe from hackers while booking your summer getaway.
Falling for malicious CAPTCHAs
In a new blog post, Malwarebytes’ researchers explain that this new campaign was first spotted online at the end of last month.
When a user clicks on one of the malicious links impersonating Booking.com, they’re taken to a verification page where fake CAPTCHAs are then used to trick them into copying code over to their clipboard. This occurs when they click on the checkbox next to the text “I’m not a robot” on one of these fake CAPTCHA prompts.
Given that CAPTCHAs are used so frequently online these days, most people wouldn’t think twice before clicking one. However, these fake verification prompts are similar to those we’ve seen in recent ClickFix attacks.
For those unfamiliar, these types of attacks are designed to trick you into infecting your own computer with malware but fortunately, they’re easy to spot.
Instead of solving a puzzle or identifying a certain object in a set of pictures, a new verification prompt appears that asks you to do something you never should: run a command prompt and then execute the code that was copied over to your clipboard. This is a major red flag and an easy indication that you’re not actually on Booking.com’s official website.
Still though, unsuspecting travelers trying to lock in a great deal quickly could potentially fall for this tactic. If they do, their computer will be infected with the AsyncRAT the instant they run the code that was previously copied to their clipboard.
Given that we’re dealing with a Remote Access Trojan here, this malware is able to spy on your computer, steal all sorts of sensitive personal and financial information, record your keystrokes, upload and download files, access your webcam and more.
How to stay safe when booking your summer vacation
Given that hackers and other cybercriminals can easily put links to fake sites on social media and even in search engines through malicious ads, you need to be extremely careful when booking a vacation or anything else online for that matter these days.
Instead of typing the address for a site like Booking.com into your browser and heading to the first link, you want to scroll all the way down past the ads to the company’s actual site. Better yet, if you know a company’s web address, just type that into your browser’s address bar instead.
If you are prompted to verify your identity when visiting a travel site, pay close attention to the form of verification used. Typing out the numbers and letters in a scrambled image or identifying which images in a set are actual cars are both legitimate verification methods. Pressing Win + R to open a command prompt and run code that was copied to your clipboard without your knowledge definitely isn’t though.
To stay safe from any malware that might slip through the cracks, you want to make sure that your PC is protected with the best antivirus software or your Apple computer has the best Mac antivirus software installed. For additional protection though, you might also want to consider signing up for one of the best identity theft protection services as they can help you recover your identity or any funds lost to fraud from scams.
Summer is a great time to get out and go somewhere new but if you rush to get that last-minute booking in, you could be putting yourself and your data at risk. That’s why you always want to take some extra precautions when making travel plans and if a deal or a website seems too good to be true, it probably is.
