Booking.com Spoof Scam: How Hackers Are Tricking Hotels with Sneaky CAPTCHA Malware

Booking.com spoofs have taken the hospitality industry by storm, but not in a good way. A phishing campaign is using deceptive CAPTCHA systems to trick hotel staff into downloading malware. With 47% of its activity peaking in March 2025, this campaign is a masterclass in how to ruin a reservation and a computer simultaneously.

3P
Published: June 4, 2025 1:37 pmAdded: June 4, 2025 at 7:03 amAssembled by: The Editor
Pro Dashboard

Hot Take:

Just when you thought booking a hotel couldn’t get any more stressful, cybercriminals decided to check in! These digital delinquents are turning CAPTCHA into “Gotcha!” with their latest hospitality hustle. If only these scammers would channel their creativity into something like, I don’t know, inventing a faster room service instead of malicious scripts!

Key Points:

  • Cybercriminals are impersonating Booking.com to target the hospitality industry with phishing emails.
  • The campaign, active since November 2024, peaked in March 2025, making up 47% of its total activity.
  • Victims are tricked into running malicious scripts via a fake CAPTCHA page known as ClickFix.
  • Most payloads include XWorm RAT and other information stealers like Pure Logs Stealer and DanaBot.
  • The malware specifically targets Windows users, exploiting browser User-Agent details.

Membership Required

 You must be a member to access this content.

View Membership Levels
Already a member? Log in here
The Nimble Nerd
powered by the NSA, er,  GDPR Cookie Compliance
Confessional Booth of Our Digital Sins

Okay, deep breath, let's get this over with. In the grand act of digital self-sabotage, we've littered this site with cookies. Yep, we did that. Why? So your highness can have a 'premium' experience or whatever. These traitorous cookies hide in your browser, eagerly waiting to welcome you back like a guilty dog that's just chewed your favorite shoe. And, if that's not enough, they also tattle on which parts of our sad little corner of the web you obsess over. Feels dirty, doesn't it?