How to Spot and Avoid Hotel Booking Phishing Scams
Online travel booking has made planning a stay faster, easier, and more convenient than ever. But that convenience has also created opportunities for scammers to impersonate hotel brands, build fake booking websites, and mislead guests into sharing personal information or making payments on unauthorized platforms.
Across the hospitality industry, phishing scams are becoming more targeted and more convincing. Yanolja Cloud Solution has published a security advisory stating that an active phishing campaign is targeting hospitality businesses, hotel staff, booking systems, and payment workflows, with attackers impersonating trusted hospitality and booking-related services.
At UPAR Hotels, guest trust and digital safety are a priority. This awareness guide is designed to help guests recognize fake booking websites, avoid suspicious payment requests, and book only through trusted channels.
Why these scams are increasing
Hotel related phishing scams are growing because online bookings involve personal information, payment details, and time sensitive communication. Fraud guidance for the hospitality industry notes that this combination makes both hotels and travelers attractive targets for impersonation and payment scams.
The current advisory warns that scammers are sending fake booking confirmations, reservation messages, and booking cancellation prompts through channels such as WhatsApp, email, and SMS, often with urgent payment or verification links. This kind of urgency is intentional because people are more likely to react quickly when they believe a reservation or payment is at risk.
For broader booking safety, guests should also use verified travel channels such as the official UPAR Hotels website and well-known OTA partners including Booking.com, MakeMyTrip, Goibibo, Agoda, and Expedia.
Suspicious domains to avoid
Yanolja Cloud Solution's published indicators of compromise include a list of fake hotel booking domains associated with the current phishing campaign. These domains should be treated as suspicious and must not be used for reservations, payments, or guest communication.
- hotel-stay133180.com
- hotel-stays019311.com
- hotel-stay5013012.com
- hotel-stay021012.com
- hotel-stays341419.com
- hotel-stay0113012.com
- hotel-stay12311.com
- hotel-stay05012.com
- hotel-stay032012.com
- hotel-stay11311.com
- hotel-stay91351.com
- stay-room24210.com
- stay-hotel0911.com
These domains follow a pattern often seen in phishing campaigns: generic hotel related words combined with random numbers, designed to look legitimate at a quick glance. The same advisory also warns users to look out for suspicious or lookalike domains such as fake hotel-stay* or hotel-status* booking sites.
How to identify a fake booking website
A fraudulent booking page may appear professional, but there are common warning signs. Guests should be cautious of unusual or lookalike domain names, unexpected payment requests, websites that lack clear business details, and messages asking for card details, OTPs, or passwords.
We advise users to avoid unofficial payment links and shortened URLs, and to treat random or unsolicited WhatsApp booking messages as suspicious unless they come through verified channels. If a website or message creates panic by saying a booking will be cancelled or needs urgent reconfirmation, it should be verified independently before any action is taken.
How to book safely
The safest way to make a reservation is to book through the official UPAR Hotels website or trusted OTA partners only. Guests should verify the exact website address before making payment and avoid clicking on booking links received through unknown messages or social media accounts.
Before entering payment details, check that the website uses https:// and shows a secure browser connection. In its security guidance, Yanolja Cloud Solution specifically says users should confirm they are on the official site and should not proceed if the URL or security checks do not match.
As a good practice, guests can also cross check room rates and property information on trusted channels such as the UPAR Hotels contact page, the hotel's Google Business Profile or the booking page of a verified OTA partner.
What UPAR Hotels advises
UPAR Hotels strongly advises guests to avoid booking through unofficial links, cloned domains, or suspicious third-party pages. Reservations should be made only through official brand channels and authentic OTA partners.
If a message, website, or offer appears to represent UPAR Hotels but looks unusual, it should be treated as a potential scam until verified through official contact points. Awareness and verification are the most effective first steps in reducing the risk of phishing related loss.
For secure access and hotel information, guests should rely on official brand touchpoints such as the UPAR Hotels website, the About UPAR Hotels page, and published property contact details.
What to do if fraud is suspected
Anyone who interacts with a suspicious booking page or phishing message should stop immediately and avoid entering any further information. It is advised that affected users not to open phishing links, not to share passwords, OTPs, MFA codes, or payment details, and to preserve screenshots or message evidence where possible.
If a suspicious link has already been opened, the same advisory recommends deleting browsing history, cookies, and cache for the last seven days. Guests who have made a payment should contact their bank or card provider immediately and report the issue through official hotel or platform channels.