A new cyber scam detected in mid-May is taking advantage of real hotel reservations to try to collect extra payments or obtain travelers' banking details. The fraud, identified as Reservation Hijack Scam, uses authentic information from already contracted stays, including the exact name of the establishment and the reservation dates.
The difficulty in detecting it lies at that point. The messages no longer arrive with obvious errors or generic data, but with correct reservation details and precisely worded texts, which reduces the signals that previously allowed immediate suspicion.
Attackers use real reservations and ask for a new payment
Cybercriminals access this data through compromised conversations, hotel system breaches, or stolen credentials from accommodation management platforms. With this information, they construct communications that appear legitimate and seek quick action from the customer.
The most common pattern consists of requesting bank verification or an additional payment once the reservation is confirmed. They may also ask the user to re-enter their card details through an external link.
In some cases, attackers resort to web domains almost identical to the official ones. The deception relies on minimal changes in the page address, enough to confuse the user for a few seconds and lead them to complete the payment outside the correct channel.
AI eliminates errors that previously betrayed fraud
The use of artificial intelligence by criminal groups has changed the appearance of these messages. The technology allows them to write texts without spelling errors, adapt the language to the recipient, and personalize the content more easily.
This complicates fraud detection during the peak tourist season, when other digital scams related to travel also increase. These include fake search engine results, fraudulent social media profiles, non-existent promotions, and the illegal sale of tickets.
The warning signs are still in the channel and the urgency of the message. It is advisable to be suspicious of immediate payment requests after confirming a reservation, requests to re-enter banking details, notices sent via WhatsApp or SMS, and transfers to personal accounts.
Faced with any unexpected message, the recommendation is to go directly to the original platform or contact the hotel through its official channels. It also helps to activate two-step authentication, use different passwords, and not enter bank details from links received by message.