Skip to main content
Netherlands News in English

Main navigation

  • Top stories
  • Health
  • Crime
  • Politics
  • Business
  • Tech
  • Culture
  • Sports
  • Weird
  • 1-1-2
Image
Hacker_-_Hacking_-_Symbol
Cybercrime file image - Credit: Rendering: www.elbpresse.de / Christoph Scholz / Flickr / Wikimedia Commons - License: CC-BY-SA
Crime
Business
Booking.com
two-factor authentication
adult crime suspects
hotels
travel
Dutch travelers
Fraud Helpdesk
Dutch Fraud Helpdesk
Friday, 16 January 2026 - 17:50

Share this article:

Opens in a new window Opens in a new window Opens in a new window Opens in a new window Opens in a new window Opens in a new window

Hundreds of Dutch travelers defrauded as hackers hijack Booking.com accounts

A major security breach at Booking.com has left hundreds of Dutch travelers defrauded, as hackers gained access to hotel accounts and sent fake messages to guests, de Telegraaf reports.

The platform confirmed it has addressed the issue and strengthened security, but the number of victims continues to rise. Hackers can take over official hotel accounts on Booking.com and send messages to guests through the app. These messages often claim that a deposit was not received and direct the guest to a payment link. Victims who follow the instructions end up transferring money directly to criminals.

Hackers can also gain access to booking contact details, such as phone numbers and email addresses, once they compromise a hotel account. In some cases, the criminals contact guests via WhatsApp or email, posing as the hotel.

“These messages look extremely convincing,” ethical hacker Sijmen Ruwhof told de Telegraaf. “Criminals use AI tools to replicate hotel emails, signatures, logos, and other recognizable details almost perfectly.”

The fraud has surged sharply in recent years. In 2024, the Dutch Fraud Helpdesk received 89 reports totaling nearly 25,000 euros in losses. In 2025, the number more than doubled to roughly 200 victims, with 65,400 euros lost. Early 2026 reports indicate continued activity. The United Kingdom, France, and Singapore have also experienced thousands of victims.

Ruwhof explained multiple ways accounts can be compromised. “Hotels have accounts with usernames and passwords. Because of the vast number of data leaks, lists of billions of leaked passwords circulate on the dark web. If a hotel doesn’t use two-factor authentication and reuses a leaked password, a fraudster can relatively easily access all customer information.”

He added that criminals often pose as guests and send phishing messages with attachments containing malware. Once opened, the malware allows them to take control of the hotel account. Some fraudsters also create fake Booking.com websites with similar domain names and trick hotels into logging in.

A Booking.com spokesperson said, “We have seen such attacks happening since 2023. Many major platforms are struggling with this issue. Our security has actually improved. In our data, the number of victims is decreasing. People are just more willing to report fraud today.”

The platform advises travelers to follow the booking confirmation strictly, which lists exact payment methods and schedules. “Any messages with payment links, whether via the app or WhatsApp, should be treated with suspicion. If in doubt, contact the hotel or our helpdesk directly,” the spokesperson said. Booking.com also said it assists customers in recovering lost funds when possible.

More like this

Image
The Booking.com headquarters building in Amsterdam in 2018
Part of Booking.com records seized after 15,000 hotels claim they overpaid commissions
Image
Close-up image of a Dutch passport in 2013
Dutch still falling for websites offering UK entry visas at 10 times the cost
Image
The Booking.com headquarters building in Amsterdam in 2018
More fraud committed via Booking.com; Average damage €854
Image
Police seize drugs, illegal medicines in Amsterdam-Noord home and storage unit. July 11, 2026.
Police seize drugs, illegal medicines in Amsterdam-Noord home and storage unit
Make NL Times your top Google source

Follow us:

Latest stories

  • Council of State strongly opposes plan to scrap asylum distribution law
  • Video: Escaped monkey from Beekse Bergen still on the loose after nearly a month
  • Dutch U.S. ambassador sends Venezuelan opposition leader’s plane back during the flight
  • No free water at Arnhem festival where high heat injured five; Water cost over €14/liter
  • Netherlands summons Russian ambassador over Russia's hacking of military supply routes

Top stories

  • Ter Apel asylum center area declared safety risk zone after recent stabbings, fights
  • Suspect in ABN Amro worker's fatal stabbing also harassed four other women
  • New public transport strikes looming as contract talks stall
  • Explosion at apartment complex in Woerden; Dozens of homes evacuated
  • Dutch SMEs investing less due to high costs and inconsistent gov't policy: study

© 2012-2026, NL Times, All rights reserved.

Footer menu

  • Change Privacy Settings
  • Privacy Policy
  • Contact
  • Partner Content