'Elaborate and sophisticated' booking scam catching holidaymakers out
Internet users are being warned of the latest ‘elaborate and sophisticated scam’ which is targeting booking.com users.
Booking.com is one of the leading online travel websites in the world, and allows users to easily compare and book accommodation, flights and rental cars.
The site underwent a data breach in April 2026, with customers names, email addresses, phone numbers all leaked to unauthorized third parties.
Pic: Shutterstock
Hackers also managed to obtain details of reservation details in some cases, allowing them to cleverly use this information for what is known as a ‘reservation hijacking’ scam.
One Reddit user took to the r/CasualIreland subreddit over the weekend to warn fellow social media users of the cunning scam.
They shared how they had received an email from what appeared to be a hotel they had made reservations with.
Pic: Mateusz Slodkowski/SOPA Images/LightRocket via Getty Images
‘To confirm my booking,’ they explained, ‘ALL my booking details were in the email, name, reservation, dates, all correct.
‘Using hotel logos, etc. Asking to confirm my reservations. There was some urgency as it said I would lose my room if not confirmed in 24 hours.
‘When I clicked the reservation link it took me to a professional looking payment gateway.’
Pic: Getty Images
The alarm bells started ringing when the amount that was being requested didn’t match the initial price.
The person shared how the email came from fransisca@springhallbritishschool.org.
The fact that the email came from an actual domain, meant it didn’t trigger an alert from the person’s gmail account.
Pic: Shutterstock
On further inspection, they found that a reply to this email went to the link notice.sy0539.com.
‘Be aware guys, if you have a hotel booked via booking.com you might get this scam email,’ the Reddit user warned, ‘Stay safe.’
Fellow users took to the comments, with one sharing: ‘A friend of mine lost €200 in a similar scam last week.
‘She was selling something on a popular online marketplace and was contacted by “customer service” and told she needed to verify she had at least €200 on her card before she could sell.
‘Meanwhile, a “buyer” had contacted her. Similar deal as OP [original poster], she had to verify a temporary hold sent her on WhatsApp.’
‘They’re getting so clever,’ another noted, before advising: ‘Just as a heads up, you should run some virus checks now because you clicked a link in that email.’
A third commented: ‘There is also a WhatsApp version, which honestly looks quite legit too. They had all my information from booking.com, names of hotel etc.’
Extra.ie have contacted Booking.com for comment.
