Hotel booking confirmation emails aim to infect your computer. Watch out!

Hotel booking confirmation emails aim to infect your computer. Watch out!

Be on your guard against emails that claim to be about a hotel booking that you never made – you could be putting your computer at risk of infection by malware.

Emails have been spammed out claiming to be a confirmation from the booking.com website about a hotel reservation.

Chances are that if you received an email like the following you would be at the very least curious, and might be tempted to click on the attached file.

Hotel booking malware

A typical email reads:

Subject: [Fwd: Hotel booking confirmation 2930566265]

Attached file: Hotel_Reservation_Booking_Com_52524658ID.zip

Message body:

Booking confirmation 8356693431

Date: Tuesday , 29 May ‘2012

Dear,

We have received a reservation for your hotel.

Please refer to attached file now to acknowledge the reservation and see the reservation details.

Arrival: Tuesday, 05 June 2012

Number of rooms: 1

If you have any questions regarding this reservation, please feel free to contact us. Telephone: English support 1 888 850 4649, Spanish support 1 866 938 1298; Fax 1 866 814 1719; Email: [email protected]

Yours sincerely, Booking.com

Of course, opening the attachment would be a big mistake, as the emails don’t really come from Booking.com.

The attached .ZIP file contains a Trojan horse designed to infect your computer. Sophos products detect the malware as Mal/BredoZp-B and Troj/Inject-VI.

Sign up to our free newsletter.
Security news, advice, and tips.

Long time readers will be only too familiar with malware attacks associated with hotels. For instance, in the past we have seen attempts to infect computers via emails disguised as hotel credit card transactions.

The advice remains the same.

You should always be suspicious of email attachments that are sent to you out of the blue. Make sure that your anti-virus product is updated, that you have the latest security patches, and tell your friends to think twice before opening unknown attachments.


Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.