Telekopye, dubbed the “Swiss Army knife of phishing,” is a versatile fraud toolkit responsible for millions of dollars in theft from online marketplaces worldwide
Jan 21, 2025
In late 2024, Telekoye fraud groups shift their focus to exploiting travel booking platforms such as Airbnb and Booking.com. These hackers use credentials from compromised accounts at legitimate hotels to target unsuspecting victims. Unlike the traditional “spray and pray” tactic, their approach is more calculated, specifically targeting users who have recently made a booking but have not yet completed payment, or those who have recently completed a booking.
Key takeaways
- Targeted emails: Attackers send personalized emails to their victims claiming there are problems with their booking. They create a sense of urgency by threatening to cancel the reservation or freeze funds unless immediate action is taken. The email contains a link to a phishing site designed to look like a legitimate booking platform;
- Realistic phishing pages: The phishing site appears authentic and pre-populates details such as check-in and check-out dates, destination information, and price from the target’s real booking. These details add credibility to the site;
- Chatbot assistance: The phishing site features a chatbot in the bottom right corner. This chatbot, which is capable of automatic translation, interacts with the target, guiding them through the rebooking process and reinforcing the legitimacy of the scam;
- Payment information theft: Once victims provide their booking details, they are redirected to a fake payment page where their financial information is stolen.
Get the full story at Make Use Of
