Travel site phishing scam and genealogy site data breach | Avast

Avast Security News Team, 8 June 2018

Booking.com users get phished, MyHeritage gets mysteriously hacked, and Apple amps up cybersafety.

Booking.com users get phished

Some unfortunate travelers had their thirst for adventure rewarded with a steaming mug of scam. Users of the popular travel-booking site booking.com received bogus texts directing them to change their passwords “due to a security breach.” A malicious link in the text, if clicked, gave the phishers access to that user’s bookings. A second text then capitalized on the booking data by demanding bank info to “process payment” for the user’s specific trip. Booking.com is part of the hospitality magnate that includes priceline.com, kayak.com, and opentable.com. A spokesperson for the site states their system was not compromised, pointing to select hotel partners as the attack victims. The company claims all impacted guests have been notified and that any damages will be compensated.

States request almost $210M for midterm cybersecurity

As we reported back in April, the US Congress unlocked $380M in election security and cybersecurity upgrades. To claim the money, each state had ninety days to submit proposals of how the money would be allocated. In a press release on Tuesday, the US Election Assistance Commission (EAC) announced that 26 states have requested the funds, bringing the grand total just under $210 million. The Commission is fast-tracking the funds in the hopes they can be put to use in time to bolster security for the 2018 midterms.

92M MyHeritage passwords discovered

In a statement on Monday, genealogy service MyHeritage reported the discovery of an outside server that held the email addresses and hashed passwords of all MyHeritage users up through October 26, 2017, totalling just over 92 million. There is no evidence that the breached data had been used, but MyHeritage officials urge all users to change their passwords, adding that they intend to ramp up cybersecurity measures.

“Even if we are really careful and take all necessary measures to protect our information in our devices, we cannot control what happens in the outside world,” says Avast Security Evangelist Luis Corrons. “If a company that has our credentials stored is compromised and suffers a data breach, that means the attackers could get access to our credentials.” He adds that a user’s best protection is to avoid reusing passwords (a password manager makes this easily possible) and to take advantage of two-factor authentication whenever it is offered.

Apple amps up anti-tracking  

At their Worldwide Developers Conference on Monday, Apple introduced a batch of new features coming to iOS, including a more privacy-forward Safari. They are calling the new set of defensive tools “Intelligent Tracking Prevention 2.0.” The new version of the browser prompts users whenever a website tries to deploy a tracking cookie or access any of their data. It will hide the data that allows advertisers to assign digital fingerprints to each device, and it will promote stronger password usage.

VPNFilter damage worse than expected

“This looks like a really advanced attack, we could be looking at some state-sponsored group here,” suggests Avast Security Evangelist Luis Corrons. As cybersecurity experts continued their study of the router-infiltrating malware VPNFilter, they had two revelations. One was that the malicious program had infected twice the number of routers than originally suspected, targeting twice the number of brands. The other was that the damage went deeper than initially thought, reaching beyond the infected routers and into any network connected to them. “Most of the attacks that target IoT devices abuse either weak/default passwords or vulnerabilities.”


Avast is a global leader in cybersecurity, protecting hundreds of millions of users around the world. Learn more about products that protect your digital life at avast.com. And get all the latest news on today’s cyberthreats and how to beat them at blog.avast.com.