Booking.com customers targeted by scam 'confirmation' emails

My wife was hit by this a week or two ago for a reservation in Toronto. She entered her credit card info. Everything looked very legit because her reservation information was listed. The Url was off. Can't remember exactly what it was, but think it had a booking.com maybe as a subdomain. (She cancelled her CC.)

Something like this happened to me the first time I used booking.com... but around 10 years ago. Someone got ahold of my booking details including the property name, booking number, etc.. and then contacted me via a spoofed email that looked like it was from booking.com, and another email that looked like it was from the hotel and asked for the reservation to be paid in full by bank transfer. A while after making the payment, I thought about it more and checked the email headers from the booking.com email and became more worried after finding some odd things, which I can't remember now. I contacted booking.com and they confirmed they did not send the email asking for payment. Long story short, booking.com did fully compensate me, around 800 eur. As for how this has been happening for 10 years, one guess is scammers could be using packet sniffing to intercept booking details sent from booking.com to hotels which could be using unsecured email protocols.

Victims are getting scanned twice. I always book hotels by phone without providing bank details because you can’t be charged for a service you finally don’t use, like airlines are doing