SafariBookings Scam

Cybercriminals are exploiting the travel industry with a phishing campaign known as the SafariBookings Scam. These emails are not connected to any legitimate companies, organizations, or service providers. They are designed to appear as official messages from a travel booking service, but their sole purpose is to deceive recipients into revealing sensitive personal information. Falling victim to these messages can result in account hijacking, financial loss, and identity theft.

How the Scam Works

The scam emails claim that a client, often using a fabricated name like Balogh from Canada, has requested a quote for a safari tour. The messages provide specific details such as an 8-day safari for 10 adults, with a purported value of $9,200 or €9,000. They create a sense of urgency by insisting the recipient accept or decline the request within three working days, warning that the quote will otherwise be assigned to another vendor.

Recipients are directed to click a link labeled as 'view quote requests', which leads to a deceptive website. The site mimics the appearance of a legitimate document and requests the recipient’s email address and password to 'view' the document. Once provided, these credentials allow scammers to access personal accounts, including email, social media, or gaming platforms, which can then be exploited for a variety of malicious purposes.

Risks of Falling for the Scam

The consequences of engaging with this scam extend far beyond simply losing an email password. Attackers may:

• Use stolen credentials to spread additional scams and phishing campaigns.
• Install or distribute malware to compromise devices and networks.
• Steal money, sensitive personal information, or identities.
• Exploit accounts for fraud or impersonation.

In addition, some emails may carry malicious attachments disguised as Word or Excel documents, PDFs, scripts, executables, or compressed files like ZIP or RAR. These files may automatically activate malware when opened or after the recipient enables macros or performs other actions. Similarly, links embedded in the emails could lead to automatic malware downloads or websites that trick users into running harmful programs themselves.

Red Flags to Identify SafariBookings Phishing

• Unexpected emails claiming urgent travel requests.
• Requests for login credentials to view 'documents' or quotes.
• High-pressure deadlines to respond within a short timeframe.
• Sender addresses that do not match the official SafariBookings domain.

Protective Measures Against the Scam

• Do not click links or download attachments in unsolicited emails.
• Verify requests directly through official websites or known contacts.
• Maintain up-to-date security software on all devices.
• Report suspicious emails and delete them immediately.

Final Warning

The SafariBookings Scam is carefully designed to appear legitimate while aiming to steal credentials and compromise accounts. Vigilance is essential: never provide personal information in response to unsolicited emails, and always double-check the authenticity of any travel request before taking action. Being cautious can prevent financial loss, malware infections, and identity theft.