New Hotel Booking Scam discovered! Recently we booked a room in a well known luxury Hotel. The hotel’s website marked the desired room as not available. So, we looked around on the Internet and got hit by the scam.
It wasn’t the Negresco Hotel in Nice! We chose it to keep the real hotel hidden from the scammers.
How it started
We wanted to pass a long weekend in a luxury hotel where we already had stayed before. We went to the hotel’s own website to book our room. Unfortunately the desired room category hadn’t been available anymore. So we used Google to look whether our preferred category was available on a booking site. Usually we book directly, but sometimes we book over Agoda or Booking.com.
Microsoft’s Bing showed such a result:
The first line looked good. The two others didn’t correspond to the hotel we looked for. So we clicked on the offered link. The answer was fast, the address looked serious and the displayed page had been professionally built.
The URL, the internet address of the website didn’t rise our suspicion because many hotels outsource their booking operation to external service providers. So we went on with our booking.
Also this page looked fine. We then filled in the registration form. There were 3 hints for a scam displayed. We didn’t get aware of them, because we were tired rather late in the night.
- The count-down clock is usually not displayed on booking pages. It runs in the background and before time is up, you are asked, if you need more time. But OK, we didn’t get nervous.
- The booking summary looks serious, but this “Tax recovery charges and service fees” should have lit all our warning lamps. The light didn’t go on – unfortunately.
- This fine-print wasn’t too suspicious. The interpretation follows below.
We discovered the Hotel Booking Scam
When you book a hotel room or an airline ticket, your credit card is charged some days before you check-in. This makes possible cancellations much easier. But guestreservations.com charged our credit card about 15 minutes after the booking had been done. Strange!!! In the bill they sent us by e-mail, they wrote:
This payment will be processed in the United States and will appear on your statement as “cci*Hotel Res”.
By booking this reservation you have accepted the Terms and Conditions.
This was the moment when we felt the heat flaming in our faces. But they offered free cancellation until 2 days before our stay. We clicked on the link, but nothing happened. The only possible contact with them is a phone number in the USA: 01 87 40 67 47. Other numbers are displayed depending from what country you read the website. We tried to find the company, because nowhere on their website is an imprint or a business address.
Trying to track the Hotel Booking Scam
We first went sleeping. Next morning I did a “trace route” to the web server. The result showed: 104.26.7.2. With a “whois” I then found that it is a server hosted by Cloudflare on their Cloudflarenet in San Francisco, California. And the company or person behind guestreservations.com did more to hide their/his identity:
They/he use(s) the services of DomainsByProxy.com in Arizona. So nobody can find the real identity. You would need the service of an attorney in the USA to get more information. This could be a very costly operation. I also suggest to read the “Terms of Use” of the website.
Guestreservation – Terms of Use
The hotel confirmed our suspicion
When we arrived at the hotel, we were already expected. This was a good sign, because having discovered the scam, I feared that the whole money had been gone. I then asked the very friendly staff to see the Front Desk Manager. Ten minutes and a welcome drink later I could talk to the responsible person.
She told me that the reservation had come over Agoda and that everything is OK. When I showed her a hardcopy of the booking form with the famous “Tax recovery charges and service fees”, her jaw dropped. Here is the hotel’s anonymized registration card.
How the Hotel Booking Scam works
First of all, the scammer(s) must know how hotel booking works. Then it could look as this:
- The scammer(s) generates dynamic domain names of the style “hotelname.guestreservations.com”.
- He/they put them as sponsored ads on Google and Bing and probably other search engines. The price per click is high, but the revenue per booking is outstanding.
- The Hotel information and pictures had already been retrieved from Agoda and a script had created the welcome page of the website. They are good javascript junkies.
- When you send your booking information, they retrieve the offers from the Agoda database and sometimes even add pictures.
- When you send all your booking information, their scripts immediately book at Agoda with your data, except the credit card information. Tricky are your phone number and your email address. Because the hotel receives them, but you do not get a confirmation from Agoda.
- They immediately charge your credit card and disappear for ever.
- Nice business with a revenue of about the price of 3 nights in your hotel!
You can help
We now liked try to get in contact with Agoda. But Agoda Company Pte. Ltd. is a subsidiary of Booking Holdings, 800 Connecticut Avenue, Norwalk, Connecticut 06854. Never wake up sleeping wolves. Maybe guestreservations.com is also a hidden member of this holding. This would explain the fast access to Agoda’s database. We do not accuse, we investigate.
If you have also have made reservations with guestreservations.com, please inform us using the comment form below.
We do not accuse, we investigate
While surfing in all directions I found the following:
Fraud! Expedia posing as TripAdvisor to get reservations …