Security researchers at Perception Point have uncovered a sophisticated multi-stage campaign aimed at stealing valuable information. The hackers behind this operation target hotels, reservation sites, and travel agencies, exploiting their access to obtain financial data from unsuspecting travelers.
According to a report by Perception Point, the chain of infection begins with a seemingly innocent request for a booking or inquiry about an existing reservation. Once they establish a connection with the hotel, the criminals provide a plausible reason, such as health concerns or special requests, to convince the traveler to send important documents.
The campaign exploits the trust between travelers and hospitality providers, tricking them into unwittingly divulging sensitive information. The hackers are able to gain access to financial data by exploiting this vulnerability.
The use of URLs plays a crucial role in this scheme. Initially, URLs were solely intended to designate the locations of various files on the Internet, but over time they have become widely used to represent the addresses of all types of online resources.