Booking bedding inclusions? Beware widely spammed out malware attack

Graham Cluley
Graham Cluley
@
@[email protected]
@gcluley

Booking bedding inclusions? Beware widely spammed out malware attack

A widespread spam campaign has been sent out around the world, attempting to trick internet users into infecting their computers with malware.

Emails, pretending to come from the customer service department of popular hotel booking website Booking.com, have been distributed.

Booking.com is, of course, a very popular website for people arranging accommodation – but even if you are not planning a trip, you might be vulnerable to being tricked into making bad decisions if you receive one of the emails. A bad decision which could end up with your computer being compromised, and your personal information being stolen.

At first glance you may think that the emails are blank, save for a subject line of “Booking Confirmation [random number]”:

Malicious email claiming to come from Booking.com

But although there is no message body, there is a file attached called Booking_BEDDING-INCLUSIONS.zip:

Attached file, containing malware

Would you open the file?

Cybercriminals are certainly hoping that you will, as they’re banking on you being curious enough to check out the contents of the ZIP file – whcih contains contains malicious code posing as a PDF document: Booking_BEDDING-INCLUSIONS.pdf.exe.

Sign up to our free newsletter.
Security news, advice, and tips.

Sophos has intercepted many instances of this malicious attack, which is still in progress, proactively identifying the malware as Mal/BredoZp-B.

Always be on your guard against unsolicited emails – even if they appear to come from legitimate organisations. It could be that the link you are about to click on, or the attached file you are about to open, is really a disguise for a malware attack.


Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.