The Japan Tourism Agency has requested a full investigation from Booking.com Japan KK, but the company has yet to comment on the financial damage.

These scams occur as global tourism levels rise following Covid-19 border restrictions.

Anonymous cybersecurity specialist Piyokango helped Kyodo News identify 118 accommodation businesses in 21 prefectures that had been hacked since June 2022.

Fraudsters sent emails with malicious links to Japanese hotels, allowing hackers to steal their Booking.com credentials.

The hackers then sent fake cancellation notices to customers, requesting advance payment to keep their reservations.

Customers were directed to input their card details into a fake website.

In August 2021, a hotel fell victim to a phishing scam when an employee clicked on a link claiming to be a list of a customer's food allergies.

The scammers exploited the hotel's desire to accommodate customers' needs.

This type of scam was first reported in Europe in 2022 and later spread to hotels in the US, Asia, and Oceania.

Booking.com, a popular booking platform, stated in December 2021 that they do not request customers to provide card details via chat or email.