1 comment

[ 0.15 ms ] story [ 14.9 ms ] thread
The attack boils down to sending phishing emails that contain a url that looks like a legitimate booking.com url but is actually this url. Note the unicode characters that can make it seem like a booking.com url:

https://account.booking.xn--comdetailrestric-access-ge5vga.w...

More info here (the video refers to this page describing the attack): https://www.bleepingcomputer.com/news/security/bookingcom-ph...

Edit: HN presents the unicode characters in the domain in a way that makes it clear they're not slashes (well done HN!) so you'll need to look at the url when you hover over it.