[ad_1]
Some customers of Travelplanet.pl receive messages from crooks requesting payment for a reserved holiday. Unlike many similar extortions, criminals have real data about the users of the website. You know the name, the first name, the date of the reserved departure and the amount of the payment.
A message with a request
An email from fraudsters is exactly like the one that Travelplanet sends to customers. By booking the holidays in advance, which represents several months, consumers pay only a down payment. Most often, it's a small part of the total expense – several hundred zlotys. The rest, even several thousand zlotys, must be paid about a month before departure. When the deadline approaches, Travelplanet sends a reminder. The scammers do the same, but they give their account number.
Message of imposters usurping the identity of Travelplanet Source: Niebezpiecznik.pl
Faszysz page, payment only by bank transfer
The victim has the opportunity to discover that the message does not come from Travelplanet. First of all, comes from the domain doplaty-travelplanet.pl. Second, the only form of payment available is a transfer. Meanwhile, the genuine service provides many other payment methods – for example, Card
.The criminals asked by one of the victims why the only form of payment is a transfer, they replied that it was not the case. this is so "because of technical problems". ". By way of apology for "inconvenience", they offered a 10% discount.
Travelplanet warns against fraudulent work
Travelplanet warns its customers against fraudsters for several weeks. Then information about possible frauds reached the mailbox of one of our readers. The site doplaty-travelplanet.pl is still active. The company is assured that it has also taken steps to block bank accounts and domains that use a criminal. Until now, in vain.
What is the customer data for?
In all of this, the most disturbing thing is that criminals have real data on the victims. At present, it is not known who is the source of the leak. The Travelplanet service claims to have noticed no breakages.
The Travelplanet.pl employees assured that the company had carried out an internal audit, which did not show that the customer data came from the internal systems of the company
– informs Niebezpiecznik.
The second case
We do not need to break down customer data, we discovered the problems of the second site, through which you can buy your vacation. It's about Wakacje.pl. The company's customers have also received information on the need for additional payments. In this case, one of the former employees of the company turned out to be a criminal. He had access to the customer database and decided to use it.
See also: The victims of GetBack have another problem. Their sensitive data fled
Who pays – falls into trouble
Before making payments for the holidays, it is worth making sure who will go to the money. Victims of the attack on Travelplanet must be able to count on a contractual penalty on the part of the tour operator, who has not received payment in time. Injured people have to pay double or pay for holidays.
***
[ad_2]
Source link
