A new campaign by the scam network Telekopye is making waves as it targets users of popular accommodation booking platforms like Airbnb and Booking.com. This operation has become increasingly sophisticated, with scammers sending phishing emails that falsely claim issues with users’ reservations. These emails often direct recipients to fake websites that closely resemble the legitimate platforms, designed to trick users into providing their payment information.
The fraudulent pages created by the scammers include accurate booking details, such as check-in dates and prices, making them appear genuine and difficult to detect. To enhance the credibility of these scams, Telekopye operators gain access to real hotel and host accounts, likely obtained through stolen credentials purchased on cybercriminal forums. By utilizing this information, the scammers can effectively deceive users into thinking they are interacting with the actual booking platform.
According to ESET researchers, this campaign began gaining traction in 2024 and has shown a notable increase in activity, surpassing traditional online marketplace scams. The timing is particularly concerning as it coincides with the summer holiday season, a prime period for travel bookings. The rise in booking-related scams indicates a shift in Telekopye’s tactics, as they expand their focus from various online marketplaces to specifically target users of major booking platforms.
ESET researchers emphasize the need for vigilance among users to protect themselves from these scams. They advise checking website URLs carefully before entering any payment information, as being directed to an external link is a strong indicator of a potential scam. As the Telekopye campaign continues to evolve, users must remain cautious to avoid falling victim to these increasingly sophisticated phishing schemes.
