Threat Alert: Phishing Attacks Abuse Booking[.]com Branding

• Cybercriminals have launched a series of phishing attacks abusing Booking[.]com’s branding. 
• The lures allege Booking[.]com found suspicious account activity associated with the recipient’s account and encourages the recipient to follow a link to authenticate their profile. 
• Following the link leads to a look-alike Booking[.]com domain that harvests login credentials. 

Key Actions (at Work and at Home)

• Go beyond surface clues. Familiar logos, branding, and names are not automatic indicators that an email or website is safe. Cybercriminals often imitate well-known organizations.    
• Be extremely cautious of any unexpected email or text that prompts you to reveal account information. If you need to confirm a claim made in a message, log into your account directly, via a known, trusted channel, rather than via a link.   
• Report ANY suspicious emails using the Phish Alarm button.