Bookings.com. Be On Your Guard

[Mad On Triumphs]

OK, I just thought I'd share this you, so nobody gets caught out. Now like maybe a high percentage of you out there, I use Bookins.com to search for hotels.
This morning I get an email from a B&B I'm staying in, in August stating that there was a problem with my credit card being accepted, and if I didn't take action now this might result in my booking being cancelled. Right away I thought this is strange, as I've never had this problem before, and anyway I always pay at the property and never use my card to pay for the B&B.
So not clicking on the link provided, I went into the Bookings.com website, and sure enough there was a message from the property to say that this message was NOT from them.
I've since found out the following info

The company, which is one of the biggest hotel and holiday websites in the world, has not itself been hacked. Instead, criminals have tricked their way into the administration portals of individual hotels that use the service.

So please be careful with what you open, and Yes, I'm not trying to teach you to suck eggs, but to just be mindful that these moronic idiots will stupp to whatever level they need to go to, to get your money.

 

[Rocky]

Thanks for the heads up
Over the Christmas period in particular, I received a few phony emails about problems with credit cards or deliveries for a package I never ordered.
I haven't ordered anything online for months.
But there is so much online shopping these days, many might fall for it since the messages look very official with logos and other identifying info.

 

[Qship]

Yes, these spammers are getting very creative these days.

 

[PINTE]

It's gonna get a lot worse now that they are using AI to write scripts, immitate voices and create images. We all have to be a lot more vigilant. I used to think I had good passwords using 8 characters. Bah, no good. Recommended are 12 characters. I now use 14 character passwords for everything.

Edit: For work log ons for my phone, laptop and work websites, I have one memorized word that contains first letter capital and the next 7 letters lower case. The last 4 chars are the only thing that I randomize for security. Its just to damn complicated with too many passwords for everything at work.

 

[sikatri]

Thanks for the warning!

 

[DaveM]

I can just about myself when I see these scammers at work.

 

[Rocky]

I can just about :: myself when I see these scammers at work.

I agree - and with what PINTE said. They take advantage of those who don't pay close attention - which is partly their own fault.
Out of the billions of internet users, they are bound to catch quite a few when they throw out the net - and it will only get worse

 

[RockyDS]

It's gonna get a lot worse now that they are using AI to write scripts, immitate voices and create images. We all have to be a lot more vigilant. I used to think I had good passwords using 8 characters. Bah, no good. Recommended are 12 characters. I now use 14 character passwords for everything.

Edit: For work log ons for my phone, laptop and work websites, I have one memorized word that contains first letter capital and the next 7 letters lower case. The last 4 chars are the only thing that I randomize for security. Its just to damn complicated with too many passwords for everything at work.

Best to use a password manager/generator and a something like Keypass, NordPass or Byepass or one of these ...
https://www.pcmag.com/picks/the-best-password-managers
A password manager will generate individual passwords for all your accounts that are virtually impossible to crack and you just use your password to access the password manager.

A 7-character password can be cracked in two seconds, even when numbers, upper case letters, and lower case letters are utilized.

Estimates of how long it takes to crack a password ...

 

[PINTE]

That is an excellent chart showing how serious we have to be about our passwords. Just an FYI, I have a bunch of sites where I have individual log ins. The number of individual passwords is a huge PITA. You can use a password manager as Rocky suggests, which is actually a really good idea, or, just because I'm a stubborn ass and want to actually see my passwords, I use a text file on my desktop with all my passwords. That text file is also backed up, just in case the hard drive or the computer fails.

Word of warning, if other people have access to your computer, it's probably not a good idea to have a text file like mine out in the open like this. My wife and I share our computers and we have access to each others passwords. This is to make it easier for either one of us, to manage our bills and banking as well. We know that we are the only ones using our computers.

 

[DaveM]

Keeping track of passwords is a huge effort these days. I have a password protected spreadsheet saved on my PC for all of my stuff.