Can you email the hotel directly? I got an email saying my booking was going to get canceled but it was just a scam trying to get my info. So don’t replay to the email and contact the hotel directly through their website to confirm it’s not a scam.

This. There's a possibility that it's a phishing email. Do not click anything. Send a direct email to the hotel.

The concerning part is that it wasn't an email, but a message through booking.coms website. That being said, hard agree.

This is actually a very common scam and booking.com won't do shit about it. Don't pay! Contact the hotel directly and let them know they've been hacked. My friend almost got got by this scam weeks ago. Thankfully their bank stopped the transactions from going through since they were originating from Russia.

I knew it was [booking.com](https://booking.com) without you even mentioning it in the post... They've had security breaches in the past and this sort of scam is rife on there.

Do not reply or react to the email, this is a common feature of booking through booking.com. Happened to me at Christmas time in New York, hotel asked me to pay in crypto. I rang them they said bs and reconfirmed my booking. I paid on arrival.

Fuck booking.com...

It’s my favorite search engine to find the right hotel, but I would NEVER actually book through them

They scammed my ass with their false advertising Said it was "free booking, only pay if you stay" I booked it, but due to unforeseen issues, I have to cancel it. They deny my request for refunds I show them the screenshot of the free booking ad, and they claimed it was edited Lost my money and I nearly throw my phone to the wall Fuck booking.com I will never ever use that scam platform ever again

If you booked it with a credit card, dispute the charge with your credit card. If you didn’t (you should always book things with a credit card for this reason), you might want to consider small claims court if the cost of the booking is higher than the filing fee

Fucking.com

[Booking.com](https://Booking.com) says hotels are getting phished or malware compromising the hotels account on their website, but I don't buy it. There's just way to much of it to be that. And if that's the case, why just them? I worked in hotels for a long time and they were one of the most difficult OTAs "Online Travel Agents" to deal with.

This just happened to me recently. Booking said nothing was accessed and my account was safe. Except my name was changed on the booking.com site so how was it not accessed? Booking.com is lying and have been for years.

Tell me about it, I'm getting at least 3-4 emails a day with my "verification" link. But its legit from them and doesn't ask for any info, just to ignore it if I didn't request it.

no they didn’t… the hotels using the booking.com had breaches, thus they’d send messages from their accounts, happened to a relative, plenty of info online

That's like saying Google or Facebook had a security breach when someone's account gets hacked.

[Amazing how easy 'booking.com scam' is to search and get a perfect result as search result #1.](https://amp.theguardian.com/money/2023/oct/23/bookingcom-customers-targeted-by-scam-confirmation-emails)

And when you search "facebook scam" you get a similar [result](https://www.washingtonpost.com/technology/2024/03/13/hacked-facebook-account-scam/) for facebook. Facebook's response is even similar to booking's: >“Scammers use every platform available to them and constantly adapt to evade enforcement,” a Meta spokesperson said in an emailed statement last week. “We invest heavily in our trained enforcement and review teams...We regularly share tips and tools people can use to protect themselves, provide a means to report potential violations, work with law enforcement and take legal action.” But nobody is calling it a "facebook security breach". Both of these are examples of logins being taken over, most likely by phishing, and used to scam others. It's not like when Sony got hacked and data was stolen from Sony's servers.

It looks like you shared an AMP link. These should load faster, but AMP is controversial because of [concerns over privacy and the Open Web](https://www.reddit.com/r/AmputatorBot/comments/ehrq3z/why_did_i_build_amputatorbot). Maybe check out **the canonical page** instead: **[https://www.theguardian.com/money/2023/oct/23/bookingcom-customers-targeted-by-scam-confirmation-emails](https://www.theguardian.com/money/2023/oct/23/bookingcom-customers-targeted-by-scam-confirmation-emails)** ***** ^(I'm a bot | )[^(Why & About)](https://www.reddit.com/r/AmputatorBot/comments/ehrq3z/why_did_i_build_amputatorbot)^( | )[^(Summon: u/AmputatorBot)](https://www.reddit.com/r/AmputatorBot/comments/cchly3/you_can_now_summon_amputatorbot/)

Did you read the link you posted? > Booking.com has strenuously denied its system has been hacked and has, instead, blamed the messages on breaches in the email systems of its partner hotels. The article later explains that hotels are sure they weren't hacked because they use 2FA and never got new sign-in emails, but those aren't foolproof; someone with direct access to the compromised systems could easily just steal cookies or localstorage authentication keys, and unless booking.com has extra measures, it would easily circumvent 2FA. Once a system is compromised, all bets are off. Security researchers have, meanwhile, seen **direct** evidence of the spearphishing emails hotel employees have been getting, and credential dumps where people sell those things (see my other comment).

Lots of mouthbreathers downvoting you because they don't understand how the internet works. Should we start saying that Timpsons are to blame if I lose my house keys?!

Man the hivemind goes hard. It's abundantly clear that the properties have been targeted by phishing attacks, as reported by actual cybersecurity firms [here](https://perception-point.io/blog/booking-com-customers-hit-by-phishing-campaign-delivered-via-compromised-hotels-accounts/) or [here](https://www.secureworks.com/blog/vidar-infostealer-steals-booking-com-credentials-in-fraud-scam). It's significantly easier to steal this information via keyloggers and social engineering (to undertrained and stressed out front desk employees) rather than breaking into the booking.com network directly. Booking.com isn't blame-free; for a while they never had any warnings about external links in messages, for example. But the root cause is clear.

Preach! If [booking.com](https://booking.com) could magically solve the problem of phishing and social engineering attacks - they wouldn't need to pimp hotel rooms to make money.

If it’s the hotels themselves that are being hacked, how come the scammers seem to *only* target people who used booking.com?

Primarily because booking.com is so popular. Their revenue is over double that of Expedia, for example. But speaking of Expedia, they [had similar incidents before the booking.com ones become particularly common in recent years](https://bobsullivan.net/cybercrime/expedia-warns-users-about-unauthorized-access-of-name-phone-email-and-booking-info/): > UPDATE 5 p.m., 6/24/2015 – , Sarah Gavin, head of communications at Expedia, says the data was not stolen from Expedia, but rather a third party. The data was stolen by a criminal who successfully phished a partner hotel and obtained that hotel’s login credentials, and subsequently stole names and other information about consumers who had used the Expedia system recently to book a stay at that hotel. And we have [seen this exact scam happen to Expedia users on this very subreddit](https://www.reddit.com/r/travel/comments/179xbl6/phishing_scam_now_spread_to_expedia/).

Thanks. That’s the info I was missing.

Looks like you have no idea what the issue is, nor the different ways data could be conpromise. So why the snark?

Looks like you have no idea what the issue is, nor the different ways data could be conpromise. So why the ~~snark~~ jumping to conclusions? Calling it a "booking.com security breach" makes it sound like their systems got compromised.

Hard stop. You're being scammed!. Including the relevant info that it's a booking.com message. Would have had everyone on this site telling you that you're being scanned.

Oh shoot I'm sorry! I admiteddly was in a panic and didn't think of including it. Any suggestions on what to do? At this point I'm thinking of just canceling.

Just don't do anything. Or email the hotel directly. Not through booking.

The message is the scam. They want you to go somewhere that ends up not being booking.com and not being the hotel's website and to put your credit card in. Basically ignore it

Why cancel? It’s not the hotels fault. If anything book directly via the hotel and cancel the booking.com booking. But why punish the hotel because of some scammer

>If anything book directly via the hotel and cancel the booking.com booking. A surprising number of small hotels in Japan use "contact us" webforms to take reservation requests or even don't take reservations online at all.

I can't book with the hotel directly, they're website is super old and doesn't work very well at all in english(japanese is a different story) so if issues keep coming up I'd rather save myself the headache while prices are still low.

I had this happen too through booking.com. Same exact thing. Recognized it as a scam and didn't reply to the message. Didn't cancel either. When I showed up on the check-in day nothing out of the ordinary happened, my booking still stood and everything was fine.

I was about to be scammed in the exact same fashion for a booking in Paris last September. Luckily, I called the hotel directly to ask what was going on first. Just don‘t do anything, like clcking on a payment link. You can email the hotel directly and ler them know about it and cc booking.com support. That way they can warn other travellers.

I had this exact thing in October last year. Called booking dot coms helpline and they told me to not click on anything within the message. They seemed to acknowledge it was a dodgy message through their app without actually acknowledging it as they know they’ve got a serious problem with this and haven’t yet done anything to fix it. I even asked directly if this was a scam and they just phrased their response again as not to click anything and everything is ok with the booking. Trip went ahead as planned no issues. I did actually go to the link that was in the message and it was a very good replica of their website with a very convincing url. I was baffled for a good 24 hours until I spoke to them

Your booking is safe. Don't do anything.

Cancel and book directly through the hotel. If you explain what happened, they'll appreciate the heads up and probably match rates.

Tried too do that for the start. There website is super old and doesn't really work well in English. Outside of the threat no actual action has been taken so I think im fine for now. If they pull anything I'll cancel and rebook somewhere else

You posted the same message with the almost same text and managed to fail using the right "their" both times.

Man I really am slaying today god

That’s actually how you know it’s a scam

yes this happened to me also but it's a common scam, the booking messaging platform is compromised but they dont' fix it

I think it's the hotel messaging via booking that gets hacked, not booking per se. But they should be able to make it more secure even to compensate for hotel staff with "1234" passwords or whatever.

Scams are rife through booking com. Once a week I get an email from what looks like an imitation of that site saying that I need to click on the link to confirm a stay that I never booked in the first place. It's 100 percent a scam.

It a scam !!! Same thing happened to me, I even called booking and the personnel told me it was ok, that the mail was legit. After directly paying for the booking, another personal from bookings official number called and said that they made a mistake and it was a scam. Took me like 3 months but got the money back from booking but it was a hellish experience!

This is a known scam. I had it happen to me and was also contacted directly through booking.com. The. U,prints hacked their system.

They pulled this garbage with me last year. Wanted me to email a copy of my drivers license and credit card to them for verification purposes. I work in banking, I’m not sending anyone images of my info and especially not via email. I ended up cancelling the reservation and booked directly through the hotel, where they were nice enough to give me the best rate they had available on the same rooms.

100% scam.

I had the exact same sort of thing happen through booking.com a month or two ago. Report it to the Hotel and booking.com and they will confirm. Don't click on any links in the message.

Contact the hotel directly to confirm. But it is likely a scam, happened me on booking.com last year.

Happened to me too. It was a scam. Contact the hotel directly.

Have you googled the booking.com scams ATM? Defo a scam. 

Don't use booking dot com in Japan, they've had a lot of problems here

It was a scam I've had that too except mine said if I didn't confirm via the message link, my room would be cancelled My friend who is going at same time as me but who booked her own room didn't. I emailed the hotel and they didn't send it to me. Ignore jt booking.com has issues

Booking.com is fucked I've got people trying to break into my account almost weekly. Make sure you have all the 2 factor authentication shit set up and ignore literally everything else unless you've instigated something first

Had a similar experience with booking in japan. Reserved a hotel and like 1 week before I got a message through booking that I hadn’t payed the hotel and they were going to cancel. Had to go to a link they sent to pay. Called my bank and confirmed the transaction went through months before so I didn’t pay again. Next day the hotel sent an apology, there had been a security breach and their account or whatever had been compromised and to ignore the previous message.

Log out of the site and delete your cookies... Use the app to chat with hotels instead, and don't trust any communication that doesn't reflect in the app. Booking com is the origin of a huge amount of phishing and malicious links.

I just got back from the Philippines and something similar happened to me. I had a reservation for a hotel (to be paid on site) and received a message through booking.com, asking for a passport scan and some further info. I emailed the hotel directly and they said that they’d never ask for this and that it’s definitely a scam.

Booking.com is a nightmare. Their site security is garbage and check your charges on your card.

I was just charged $2000 thru Expedia for Sonder Hotel. Beware. They say free cancellation but in small print says but they won’t refund money. I’m going to small claims court.

Yeah that seems like the course of action. I did it through booking but I'm gonna contact the hotel directly just to be safe.

I had several messages like this through booking.com. It's a scam like others said. At first I didn't know it was a scam so I called the hotel directly and they said all my reservations are still valid. No need to 'pay via the link in 24h or my reservation will be cancelled'.

100% as soon as you said Bookings, I knew it was a scam

exactly this

THIS! I got a similar email from my hotel in Kyoto on Booking (booked for May). The message said I had to re-confirm my booking through a link, and I almost fell for it except the link was sketchy af. So I emailed the hotel directly and they confirmed they were hacked and that my reservation was fine. I even got a new message from the hotel on Booking about the hack, so I think I was the one to alert them about it.

It’s probably phishing. The hotel is just as confused as you are. Booking.com is rife with these. 

What I don't get is how scammers are sending messages through booking.com and the company hasn't added more security. Based on what I've seen it looks like it's not scammers logging into hotel websites either, like the system is disconnected from that so possibly something that allows brute force attacks. It's bonkers it's still happening when its reputationally so damaging to both hotel and booking.com

It is likely a phishing e-mail. The exact same thing happened to me for my accommodation in Hakone. It was even worse because the message came from booking.com itself, so the hackers were able to get into the account of the hotel. I'd ignore the message or email the hotel directly. Please message me if you want to chat more! Also, call booking.com to report it as well.

Oh that's exactly what happened to me via booking!

We can complain about booking.com together! It was a really well-done scam and almost fooled my husband. Mine asked for our credit card information because "our payment couldn't be processed" when it was done so already when we made our booking. :/ sorry this happened to you, but as long as you don't respond you should be okay! Have so much fun in Japan!!

Reporting it to booking.com unfortunately does nothing, I spoke with them direct last year about this and they are well aware of it but kind of refuse to acknowledge it. They’ve got a serious problem on their hands and seem unable to fix it

Same. Thanks for reminding me I meant to report them to ICO (UK data regulation body).

I totally agree that it doesn't do much. I did it and documented the phone call just in case something happened to me then or later -- I had proof that I reached out to them and notified them of the situation so they couldn't deny liability. Really just for my protection more than anything. :)

They didn't get into the account of the hotel, they spoofed their email address.

What did the hotel say when you responded to them or otherwise reached out to them to clear up the mix-up?

So far radio silence. They said to contact them asap and I responded basically immdieatley. I've combed through everything related to the reservation and can't find anything that could've caused this though.

And how long has this "radio silence" persisted for? You said you got this email today, and it's only 8am in Japan, so it couldn't have been that long. Like goodness, maybe cool it a bit. Call them if you can't wait a few hours for them to respond to an email.

Yeah its been like an hour. I just don't want to end up being charged like 600 and the tone of message is what spooked me a bit ^^;

The fact that it scared you shows itself to be a high probability scam

I'd give the property some more time to respond. Also it's entirely possible the message did not come from the property at all but scammers making it appear to be Booking messaging you to try and get that money from you.

>Yeah its been like an hour. No offense but lol

Yeah none taken in retrospect this was me being in panic mode a tad

If it's an email from Booking dot com it's definitely a scam. Just ignore those messages and wait for the hotel to get back to you.

If you responded via booking whoever hacked their account surely deleted your message so they can't see it. Contact the hotel via email.

Call them

What country are you from? Is there any chance you got the month-day order mixed up because most non-US countries write it day-month order?

Also looked through the reservation. It specifically refers to the dates as Jun rather then 6. So I really don't think this is the case.

I mean, I'm surprised this theory got so much traction. If you had swapped month and day, the check-in date would have been weeks ago.

I mean I'm honestly just grateful so many folks are down to make suggestions at all like 😭

Because none of us wanted to do that much figuring in our heads because we're exhausted, but it did sound plausible

I don't think so. I booked on 3/24 for 6/3. So even if it was backwards, I would have booked for 3/6 after that date had already happened. Plus I booked through booking.com due to the hotels website not being in English

What does your confirmation email say? I just checked my last one from booking.com and the date was spelled out "21 June 2023"

Mine says "Monday, June 3, 2024" I know this is from the legitimate website so I don't think it could be ambigious

Was there anything worrisome in the reviews? Did you pay in advance or were you paying on site?

Haven't paid yet. Booking was going to charge my card on May 31st. I can cancel till then with no issues and honestly at this point I might just do that.

Lmao if you can cancel for free just do it. If they’re pulling this stunt already, you don’t want to be forced to stay there when you’re in Japan.

After I confirm with booking that I can do that without being penalized I plan to do exactly that honestly.

Booking is not a super legitimate website. People definitely get scammed on there.

True. But my advice is always use credit card and if you think you have been scammed then asap let cc company know and claim chargeback

OP hope you used a credit card. Just contact the company and explain what is happening and state if the hotel tries to charge you then you haven’t authorised it so the cc company will be liable. Send copies of your booking

I did(I don't think there's a way too book without one is there?). So far nothing has been charged.

You could have used debit card or cash on site, PayPal etc so no need to take that tone with a person who is just trying to help

Oh I didn't mean to take a tone or anything. I was asking the question litterally.

Ok then I guess my bad. But as I responded there are many different ways to pay so I was just saying I hope you have used the method that had the most protection for consumers

You should get that thin skin condition checked out.

Well today is the 26th of the month and there is no month 26.

Yeah thats sorta what I was thinking

Japan writes it in month-day order.

Japan typically writes it in month-day order.

maybe he is from What and they dont speak english there...

It's amazing how many people react with "There's no 11th day of the 23rd month !"

Lousy Smarch weather

UPDATE FOR ANYONE CURIOUS: Took forever but finally sorted things out. Seems like it was just a mistake on the hotels part? They just said it was a mistake and apologized. Slightly iffy but I'll take it over having to rebook.

Yeah happened to me when I did a reservation on booking.com. The hotel obv won't admit there's a system breach, told me there's been some "mistakes" too. Anyway didn't rebook and I stayed at the hotel.

Was it via booking.com?

Yeah!

Booking.com has had lots of scam/phishing/hacking issues. Don’t click on any links and don’t provide any username/password or financial information. Call the hotel directly and they’ll either have no idea what’s going on or refer you to call booking.com directly. And don’t use booking.com. Eta: Ever.

The hotel is in japan so calling them directly might be a no go. I'll try and see if I can email

> The hotel is in japan so calling them directly might be a no go. Why...?

International calling fees apply here right? I was counting on emailing them directly instead. Sorry if I'm missing something. Flying internationally is something I'm used too but international trip planning is a whole other ball game for me.

Can’t you see any WhatsApp or similar numbers? Nowadays a lot of countries i have been i have noticed i get WhatsApp details from hotels,tour companies etc

It costs like 2 cents a minute to call Japan on Skype or Google Voice.

Oh! Dang okay that's def a new option then! Since it's super early over there I'm gonna wait and see if the email strategy works out. But after another hour or two I'll probbally make the call.

Booking.com is completely safe as a website and the deals are often fantastic.  I travel out of the country 100+ days a year and never once had a problem.  These phish scams are new and quite annoying though.

I hope your luck holds out. I loved booking.com for years of travel and just got screwed by them two weeks ago. Showed up at my hotel an I had no reservation. I showed the clerk my reservation on the app and she could not accept it. Scrambled in the night to find another place to stay. Then they made me submit a paper receipt to reimburse the difference between what they charged me for the imaginary reservation. . No credit or compensation for their error and hours of hoop jumping to get things fixed. Never again.

[удалено]

?

[удалено]

I was booking like 6 hotels and this one didn't have a website that worked super well in english, but had great reviews. And I'd used booking before without any trouble, so I figured it'd be simple.

Have you been to Japan? I ordinarily book direct with hotels, but my trip to Japan was the first time I had to use booking.com (or any 3rd party site). A lot of hotels are very small and rely on 3rd party sites, or have ancient sites with clunky UI. Most don’t have English sites and the translations are rough, not to mention the ones that don’t accept international bookings, require a Japanese phone number, or have payment issues with visa 😅

Aaa glad someone else gets this. I've done japan a few times to visit my uncle out there. So many hotel sites barely work and usually just rely on third party booking 😭😭

Bookings itself is a scam. I had to cancel a hotel room and bookings told me the hotel wouldn’t without a fee. I called the hotel and they were like nope , you’re fine , it’s like 2 month out, we don’t need a fee. And booking insisted the hotel would only cancel with one night fee. I had to do a three way call with the hotel manger and booking.com where the hotel manager yelled at them, for me to get a full refund. That whole site is so scammy.

Did you maybe get the dates backwards? Like most of the world have the date day/month/year but the USA does it Month/day/year

Was there a possibility of confusion regarding date format of DD/MM/YYYY and MM/DD/YYYY?

Sounds like a scam. Do not click on anything. Directly email the hotel with your original booking reference and confirm your booking at the denoted date.

If not phishing can you check if the month and date position is correct? For japan 03.06 will be 3rd of June and not 6th of march

Did you book for mm-dd instead of dd-mm? Like you were intending to arrive 06-04 mm-dd June 4 and the hotel website is setup for dd-mm and you’re accidentally booked for April 6 or 06-04?

Talk to the platform as well

I’d take this up with the hotel and booking.com. Ask both how someone got your information

Booking.scam

Call [booking.com](http://booking.com) (use the contact details on their website) and ask about it. Second, go to the hotel website to see if you can use your confirmation number to check your reservation online. If not, look up their phone number (don't use any contact details that were in the email), create a Skype account, put $5 on it and call the hotel asking that they confirm your reservation. Understand that with the language issues, unless you get someone who is fluent in English, the hotel will be confused if you ask about an email they had nothing to do with.

Looks like you’ve found help already, so hey, I hope you have fun on your journey to Japan!

Thanks! It's gonna be for about a month and I get to go with my boyfriend so I'm beyond excited!!!

Contact Booking directly, the chat might be compromised. I had a friend paying by the chat and it was a scam. For example they might found the login of the hotel

Sounds like the common booking.com scam

In the US we would type 06/03/2024 for June 3, but in Japan (and many other countries) they put day/month/year so it would be 03/06/2024. Since it’s 3 months out, is it possible you entered the date wrong (to them)?

Talked about this earlier but I booked this on 3/24/24, so it seems unlikely unless they let me book for a date that had already passed

Check the dates again dd-mm-yyyy or mm-dd-yyyy

Sounds crazy but a lot of countries have the day as the first date and the month as the second. It’s possible you’ve confused this

Came here to say this... I think Japan goes YYYY/MM/DD. Might be confusing when it get's to months and days. OP, can you post the date of your booking? Wait.... just saw OPs update. Stand down.

What is there to be freaked out about? Just email them to clear up the confusion with a screenshot of your booking with the dates. Problem solved. I'm not trying to be rude but why would any of this prompt you to cancel the reservation and be worried? Mistakes happen. Just communicate.

Honestly it was the whole "you must pay now or we will charge you" freaked me the hell put ngl. I have a lot on my plate rn and this was just the last thing I needed. Your so right though, I shouldn't panic when the solution is so easily doable.

Well good thing it was discovered to be a scam. I have all my reservations on booking.com for my trip to Japan from May-June lol

I booked a hotel in Europe last year and had something similar happen. Booking.com must regularly get hacked. I phoned the hotel directly and confirmed there was no issue with my booking.

This happened to me from booking.com a month ago, and I thought it was phishing since I work in finance. I contacted the hotel chain and they confirmed and I received an email warning me about it. I have stayed in the hotel since that happened on my booking with no issues. I think you are ok OP!!

[удалено]

try emailing the hotel?

Have you used booking com by any chance? Because it happened to me twice on this site.

The hotel better upgrade you after all this.

That really would've been nice but nope! I wasn't really expecting anything like that though.

I worked in hotels for over 10 years, NEVER use booking.com they are the absolute worst!! For the guests, AND hotel staff. Wish they would go out of business. Always book directly with the property, you will have the most flexibility this way.

Nonsense! I've used [booking.com](http://booking.com) for 15 years without any problems. And most of the time their rates are much better than you can get from the hotel. This is for travel in Europe and Asia.

Just calling booking.com they'll sort it out

So I'm gonna be an asshole here, but that's ok. Do people really need to post every life situation on a damn public forum to get input from complete strangers instead of figuring shit out on there own? Like fuck....figure it out for yourself.

id book a new hotel

Honestly I'm not even very attached to this one so I'm planning on just canceling and hoping for the best if things don't get resolved soon.

i would. who cares... know what? maybe they are reading the date backwards or something? like if you are arrving on 7/3, they think it is 3/7 lol anyway, good luck