Imagine this.

You just landed after a 9-hour flight. You’re tired, your phone is at 12%, and all you want is to get to the hotel, shower, and crash.

You pull up your confirmation email at the front desk.

Then the hotel says the words no traveler wants to hear:

“We don’t have a paid reservation for you.”

The booking looked real. The dates were right. The hotel name was right. Maybe the message even came through the same platform you used to book.

But somewhere along the way, a scammer got in the middle.

This is called a reservation hijack — and it is becoming one of the more convincing travel scams to watch for this summer. ✈️

According to reporting from WIRED³⁸ and research from Norton³⁹, hundreds of hotels and accommodations have been caught up in reservation-hijacking scams, with scammers using real booking details to make fake payment requests look legitimate.

So, what is a reservation hijack? 👀

A reservation hijack is exactly what it sounds like: a scammer “hijacks” the trust around a real reservation.

This is not the same as a random fake hotel email that says, “Click here to win a free vacation.”

This scam is more personal.

The scammer may already know your name, hotel, check-in date, confirmation details, or contact information. That makes the message feel real — because parts of it are real.

Here’s how it usually works:

A scammer gets access to hotel booking information or a hotel’s account on a booking platform.

Then they contact you pretending to be the hotel or booking site.

They say something like:

“Your payment did not go through.”

“Please re-confirm your card.”

“Your reservation will be cancelled in 24 hours unless you verify your payment.”

Then they send you a link.

You click it, enter your card information, and think you saved your trip.

But really, you just sent your payment information to the scammer. 😬

Think of it like someone intercepting your DMs before they get to the real account. You think you’re talking to the hotel, but you’re actually talking to someone pretending to be them.

Why is this getting worse right now? 📈

Travel scams always heat up around busy travel seasons.

More people are booking flights, hotels, Airbnbs, activities, and last-minute trips. That means more confirmations, more emails, more texts, and more opportunities for scammers to sneak in.

Reservation hijacking is especially dangerous because it does not always look fake at first.

A message that includes your real hotel name and real travel dates feels trustworthy. And when you are already stressed about a trip, it is easy to react quickly.

That is the whole play.

Scammers are counting on you being busy, distracted, or afraid your reservation will get cancelled.

And if you book most of your travel online, this is the kind of scam you need to know about before your next trip.

Red flags to watch for 🚩

Here are the warning signs that something is off:

• The “hotel” asks you to pay again outside the booking platform.
  If you booked through Booking.com, Expedia, Airbnb, Hotels.com, or another platform, be careful with any message asking you to leave that platform to pay.
• There is pressure to act immediately.
  Scammers love urgency. Anything like “pay in 24 hours or your room will be cancelled” should make you pause.
• The payment link comes through email, text, or WhatsApp.
  A real hotel may contact you, but you should not enter payment details through a random link.
• The link looks almost right but not quite.
  For example: booking-secure.com instead of booking.com. Scammers often use URLs that look official at a quick glance.
• They ask for a wire transfer, gift card, crypto, or unusual payment method.
  No legitimate hotel should ask you to pay for your room with gift cards. Ever.
• The message feels weirdly intense.
  If the tone feels pushy, threatening, or strangely worded, trust that instinct.

How to protect yourself before you travel 🧳

You do not need to panic. You just need to slow down before clicking.

Here’s the checklist:

1. Always pay inside the official app or website.
Do not follow an outside payment link from an email, text, or WhatsApp message.

2. Call the hotel directly if something feels off.
Use the phone number from the hotel’s official website or Google Maps — not the number inside the suspicious message.

3. Screenshot your booking confirmation right after you book.
Save the confirmation number, dates, hotel address, and payment status.

4. Use a credit card instead of a debit card.
Credit cards usually offer stronger fraud protection and chargeback options if something goes wrong.

5. Turn on booking notifications.
If your reservation changes, you want to know right away.

6. Do not let urgency make the decision for you.
If a message says your booking will be cancelled unless you pay immediately, stop and verify directly.

7. Report suspicious messages to the booking platform.
Do not wait. The faster you report it, the better chance the platform has of stopping the scam.

Quick screenshot version 📲

Before you pay for anything travel-related:

1. Stay inside the official app or website.
2. Call the hotel directly if a payment message feels off.
3. Never trust urgency from a random link.

Your reservation might be real.

The payment request might not be. 🚨

Send this to whoever you are traveling with this summer — and follow CyberFlex for more tips to help keep your trip safe before you even leave home. ✈️🔐