They may be able to get a refund from their bank, but this may depend on their bank's policy and how negligent the customer was.
They will have gone through security on their bank's app or website, which will have warned them about common scams like this and told them to check that what they are doing is legitimate.
I am assuming this is an "Approved Push Payment" scam where people are transferring money from their bank account directly to the fraudster, rather than by using a credit or debit card. If the payments were by card then a chargeback should be easy to file.
Booking.com says the hotel is at fault for having their credentials leaked; the hotel says booking.com failed to protect their account, the bank says the user was phished so it’s not their fault.
IMO if booking.com offers a messaging service which lends far more authority than “just a random person SMSing you” then they’re on the hook for this.
daveoc64|2 years ago
They will have gone through security on their bank's app or website, which will have warned them about common scams like this and told them to check that what they are doing is legitimate.
https://www.psr.org.uk/our-work/app-scams/
I am assuming this is an "Approved Push Payment" scam where people are transferring money from their bank account directly to the fraudster, rather than by using a credit or debit card. If the payments were by card then a chargeback should be easy to file.
wepple|2 years ago
Booking.com says the hotel is at fault for having their credentials leaked; the hotel says booking.com failed to protect their account, the bank says the user was phished so it’s not their fault.
IMO if booking.com offers a messaging service which lends far more authority than “just a random person SMSing you” then they’re on the hook for this.