Overview
- Sparkasse warns that convincing fake emails link to copycat banking pages that steal logins using subjects like a suspicious login or an expiring security certificate.
- Victims who enter details are often called by impostors using spoofed numbers who urge them to share a TAN or mark a device as trusted, which authorizes transfers.
- Booking.com says unapproved parties accessed reservation information such as names, emails and phone numbers, not payment data, and it reset PINs and alerted affected users.
- Scammers exploit those booking details to send fake payment demands to guests and to phish hosts for their portal logins, which enables account takeovers and more fraud.
- Consumer advocates advise paying only inside official platforms, blocking online banking at once and reporting to banks and police, while arguing lenders should refund unauthorized transfers under German law more reliably.