Reservation Hijack Scam: the travel scam that looks exactly like your real hotel booking

You’re so excited for your trip. You book a hotel. Everything looks normal.

Then a message comes in that seems routine, like a standard follow-up message from guest services. It references your trip, including the hotel name, your travel dates, and payment details.

It seems legit, but it’s not. 

This is part of a growing scam trend that threat researchers at Gen (the company behind Norton) call the Reservation Hijack scam. It’s so effective because it leverages confidential details that only you and the hotel you booked with should know.  

In April 2026, Booking.com, a major online travel booking platform, warned that unauthorized parties had accessed some customers’ booking information, including names, contact details, and reservation data, according to reporting on the breach by The Guardian. The number of customers affected was not disclosed. Incidents like this can give attackers the context they need to launch Reservation Hijacking scams.

What is a Reservation Hijack scam?

A Reservation Hijack scam is a type of targeted phishing scam that uses real hotel reservation booking details to make messages feel legitimate, tricking travelers into sharing payment details or sensitive information. 

In advanced cases, scammers gain access to hotel systems or booking platforms like Booking.com, allowing them to contact guests through channels that are normally considered trustworthy and secure. That means the message you receive might not only look real, but also come through a platform you trust, making the scam significantly harder to detect. That’s what makes this scam so effective. It doesn’t ask you to trust an unfamiliar-looking message. It asks you to trust a message that already looks and feels very familiar.

What Norton researchers uncovered

Norton researchers have observed an increase in the number of scams that exploit real booking data and trusted travel platforms.

Key findings include:

• Scammers are increasingly targeting travelers with active reservations, not random users.
• Messages are delivered through trusted channels, including booking platforms and official-looking emails.
• Attacks frequently involve urgent payment requests tied to legitimate bookings.
• The use of real reservation details makes these scams significantly more effective than traditional phishing scams.

How scammers get access to your reservation details

One of the most unsettling parts of this scam is how much attackers seem to know. In some cases, scammers gain access to your reservation details by:

• Compromising hotel or partner accounts by targeting hotel staff with phishing attacks or exploiting weak passwords.
• Exploiting third-party vendors connected to booking systems
• Accessing platform messaging tools to impersonate legitimate properties

How the scam unfolds

A Reservation Hijack scam often starts with a message related to a travel booking you recently made. It could arrive via email, SMS, WhatsApp, or even through a booking platform’s messaging system. Because it references real details, it doesn’t immediately raise suspicion.

The message typically introduces a problem, such as an issue with your payment or a need to verify your reservation. There’s often a sense of urgency, suggesting that your booking could be canceled if you don’t act quickly.

From there, you’re directed to a payment page that appears legitimate but is actually designed to capture your financial or personal information. By the time you reach this step, the context feels so real that many people don’t think to question it.

Why this scam is so convincing

What sets this scam apart is how personal it feels. Instead of guessing, attackers may already know where you’re traveling, which hotel you booked, and how long you’re staying.

That context creates a powerful sense of trust. The message doesn’t feel random or out of place. It feels like part of your typical travel experience.

And that’s exactly the point.

Scammers are no longer just trying to trick you with poorly written emails. They’re using real information and real moments in your life to make their requests feel completely reasonable.

What scammers can do with your information

Falling for a Reservation Hijack scam can lead to more than just a single fraudulent charge.

Depending on what information is shared, scammers may make unauthorized purchases using your payment details, steal personal information for identity theft, attempt additional scams using your data, or disrupt your travel plans if your booking is affected.

The impact can extend beyond your trip, especially if sensitive information is compromised.

How to stay safe while booking hotels

The most important principle to remember is this: trust your booking, not the message.

If you’re ever asked to take action on your reservation, slow down and verify the message independently. A few simple steps can help protect you:

How to avoid a Reservation Hijack scam

• Don’t click payment links in messages: Pause and verify the legitimacy of the message, even if it looks like it’s from your hotel or booking platform.
• Go directly to the source: Log into your booking site or contact the hotel using official contact channels. If the suspicious message is coming from within the platform, try reaching out to the hotel or booking platform by phone. 
• Be cautious of urgency: Don’t feel pressured to act quickly. Urgent language in a message is often a red flag that it’s part of a scam.

These small steps can help you avoid turning a real booking into a material loss.

What to do if you think you’ve been targeted

If you believe you may have interacted with a scam message, act quickly:

1. Contact your bank or credit card provider immediately.
2. Monitor your accounts for unauthorized activity.
3. Change the passwords on your booking and email accounts.
4. Report the incident to the booking platform and relevant authorities.

Taking fast action can help limit potential damage.

Why are these scams increasing?

Scams like the Reservation Hijack scam are becoming more common as attackers adopt more advanced, targeted tactics. Instead of relying on generic phishing scams, they are leveraging personal details, trusted platforms, and tailored messaging to blend their communications seamlessly into everyday experiences.

At the same time, travel bookings have surged, creating more opportunities for scammers to exploit active reservations and reach travelers at the exact moment they’re expecting communication.

The result is a new kind of scam that doesn’t look suspicious at all.

Today, staying safe online isn’t just about spotting big red flags: scams are getting too convincing to rely on intuition alone. Instead, it’s about making sure you have strong Cyber Safety protections in place, adding an extra layer of security even when your guard is down.  

AI-powered software like Norton 360 Deluxe can help keep you a step ahead of scammers by blocking sketchy sites, catching potential phishing attacks, and keeping your personal information locked down so you can travel (and book) with more confidence.