In the last two years, cybercriminals and ransomware gangs have ramped up attacks on the hospitality and travel sectors.
In this webinar, you’ll learn how one cybercrime and fraud operation is targeting hotel guest payment card data in hotel booking systems. They’re not just abusing Booking.com’s brand in phishing emails, but using compromised hotel partner Booking.com accounts to send messages to guests in the official Booking.com app and emails requesting “mandatory payment” before their upcoming stay.
How are actors accessing partner accounts? In the past, these cybercriminals have used information-stealing malware installed on hotel workstations to steal hotel employee credentials and perpetrate fraud against upcoming guests. Now, to avoid detection by antivirus, threat actors have eschewed malware and deployed a sophisticated phishing kit to bypass multi-factor authentication (MFA) and evade detection by antivirus.
What you’ll learn:
- How the threat actors are targeting the travel and hospitality sector
- Sophisticated social engineering techniques used to steal employee credentials
- What methods and infrastructure the actors use to evade detection and cover their tracks
- How CTI enables teams to discover and mitigate this threat
To learn the tactics, techniques and procedures (TTPs) these cybercriminals use to defraud hotel guests, and how to protect your guests, brand, and reputation, join us for this fascinating and informative webinar on September 10, 2024.