eCommerceNews Canada - Technology news for digital commerce decision-makers

Norton warns of hotel booking Reservation Hijack scams

Mon, 27th Apr 2026

Norton has warned travellers about a rise in what it calls Reservation Hijack scams, which use genuine hotel booking details to make fraudulent messages appear authentic.

Threat researchers at Gen, the company behind Norton, said the scams differ from conventional phishing because they rely on real reservation data rather than broad, untargeted lures. Messages may include a hotel name, travel dates and payment references, making them harder for consumers to dismiss as fake.

The warning comes as travel platforms and hotels face closer scrutiny over how reservation data is handled. In one recent example cited by Norton, Booking.com disclosed that unauthorised parties had accessed some customers' booking information, including names, contact details and reservation data, according to The Guardian.

Gen noted that the number of affected customers was not disclosed. It added that incidents involving exposed booking information can give attackers enough context to send convincing payment requests to travellers.

How it works

The scam usually begins with a message tied to a real hotel reservation. It may arrive by email, text, WhatsApp or through a booking platform's own messaging system, often claiming there is a payment problem or that the reservation needs urgent verification.

Travellers are then directed to a payment page that appears legitimate but is designed to collect card details or other personal information. Because the message refers to a genuine trip and may arrive through a channel the customer already uses for booking updates, many people do not immediately question it, Norton said.

Researchers described this as part of a broader shift in online fraud. Rather than relying on generic scam emails with obvious warning signs, criminals are increasingly using personal and situational information to tailor messages around a specific purchase or journey.

According to Norton, these scams target travellers with active reservations rather than random users. Attackers are also making greater use of trusted channels, including booking platforms and official-looking emails, and many messages contain urgent payment demands linked to real bookings.

Access points

Criminals can obtain reservation details in several ways, Norton said. These include compromising hotel or partner accounts through phishing attacks on staff, exploiting weak passwords, targeting third-party suppliers connected to booking systems, or gaining access to platform messaging tools that let them pose as legitimate properties.

Travellers who receive one of these messages should not assume their own account has been breached. In some cases, the exposure may come from a company that holds customer data rather than from the traveller's own login credentials.

That distinction matters because the fraud can appear highly credible even when the victim has taken reasonable precautions with their own account. The level of detail available to the attacker may make it seem as though the hotel itself is making contact.

Financial risks

A successful Reservation Hijack scam can have consequences beyond a single disputed card payment, Norton said. If victims hand over enough information, criminals may make unauthorised purchases, steal personal data for identity fraud, attempt further scams using the same information, or interfere with travel arrangements if the booking is affected.

Travellers may face not only financial loss but also disrupted plans and the burden of changing passwords, contacting banks and reporting the incident to booking providers. The timing of the messages, often close to departure, can also increase pressure to act quickly.

Advice to travellers

Norton urged consumers to verify any request linked to a booking independently rather than relying on links in incoming messages. Travellers should log in directly to the booking site or contact the hotel through official channels, especially if a message uses urgent language or asks for immediate payment.

Those who think they have engaged with a fraudulent message should contact their bank or card provider, monitor accounts for suspicious activity, change passwords on booking and email accounts, and report the incident to the booking platform and relevant authorities.

Norton linked the growth of the scam to a wider rise in targeted online fraud and to the volume of travel bookings now made through digital platforms. More active reservations create more opportunities for criminals to exploit real-world transactions and contact people when they are expecting routine travel communication.

The central lesson for travellers, Norton said, is to trust the booking itself rather than any message about it, even when that message appears in a familiar app or contains details that seem too specific to be fraudulent.