TLDR
The NCSC Switzerland has observed a sharp rise in fraudulent WhatsApp messages impersonating hotel booking platforms and individual hotels. Scammers use polished, convincing messages to trick victims into handing over credit card details....
How it works
The NCSC Switzerland has observed a sharp rise in fraudulent WhatsApp messages impersonating hotel booking platforms and individual hotels. Scammers use polished, convincing messages to trick victims into handing over credit card details....
Red flags
- Unsolicited WhatsApp message claiming to be from a booking site or hotel, especially if you did not just book anything. Pressure to re verify or re pay a reservation by entering credit card details on a linked page. Links leading to look alike domains that mimic well known hotel or OTA brands. What to do Do not click links in WhatsApp messages about bookings
- open the official app or website directly. Verify any claim by calling the hotel using the number from its official website, never the one in the message. If you entered card details, immediately block the card and notify your bank, then report the incident to the NCSC reporting form
What to do
- 1Pressure to re verify or re pay a reservation by entering credit card details on a linked page.
- 2Verify any claim by calling the hotel using the number from its official website, never the one in the message.
- 3If you entered card details, immediately block the card and notify your bank, then report the incident to the NCSC reporting form.
Source
ncsc-switzerland
Source reviewed by Mythos Forensic Team
https://www.ncsc.admin.ch/ncsc/en/home/aktuell/im-fokus/2026/wochenrueckblick_22.htmlFAQ
Is Week 22: Targeted phishing campaign impersonating booking platforms and hotels a real scam pattern?
Yes. Treat the message, call, or payment request as suspicious until you verify it through an official channel.
What are the first warning signs?
Unsolicited WhatsApp message claiming to be from a booking site or hotel, especially if you did not just book anything. Pressure to re verify or re pay a reservation by entering credit card details on a linked page. Links leading to look alike domains that mimic well known hotel or OTA brands. What to do Do not click links in WhatsApp messages about bookings; open the official app or website directly. Verify any claim by calling the hotel using the number from its official website, never the one in the message. If you entered card details, immediately block the card and notify your bank, then report the incident to the NCSC reporting form
What should I do first?
Pressure to re verify or re pay a reservation by entering credit card details on a linked page.; Verify any claim by calling the hotel using the number from its official website, never the one in the message.; If you entered card details, immediately block the card and notify your bank, then report the incident to the NCSC reporting form.
Can LegalAudit check my case?
Yes. Start a free chat and paste the message, link, sender, or payment details for triage.