If you’re searching the web for a hotel room or if you’re looking for a job in this field, you’re advised to be extra careful, since fraudsters have started setting up fake hotel websites.
Experts from security firm Bitdefender inform
that these sites can help the crooks in accomplishing various malicious tasks, including identity theft and money laundering. In other cases, they might simply ask individuals who want to book a room to pay a certain amount of money upfront.
The fake websites usually leverage the names and reputations of famous brands. For instance, if the legitimate company’s domain is sheratonskyline.com, the crooks will likely set up their site on a domain that looks something like sheraton-skyline.com.
Most major companies have purchased all the variations of their domain names to protect themselves against typosquatters, but it’s likely that hotels haven’t taken such fraud sites into consideration.
Unlike phishing sites, these fraud websites aren’t promoted via email or social media spam. Instead, they’re kept secret to ensure that the domain will not be seized by authorities.
Also, such scammy webpages don’t necessarily replicate the design of the genuine hotel.
Users are advised to rely on common sense and a decent security solution to protect themselves against such threats.
The simplest way to identify fake hotel sites is by typing their names into a search engine followed by the words “scam” or “fraud.” In many cases, you’ll find professional advisories or posts published by other users.
Another way to check out a hotel’s legitimacy is to check out the domain registrant’s details. If the domain is registered to a private e-mail address or if it’s newer than one year, it’s likely part of a scheme.
Finally, if the domain is registered to an individual whose phone number starts with +4470, you’re likely dealing with a scam, since although +44 looks like a legitimate UK number, the 70 prefix shows that call forwarding is set in place.