If you have a hotel, surely you have a Booking account, and that makes you interested in a reality that is worth knowing.
Booking has an affiliate plan. This means that anyone can earn money by recommending a hotel to their friends. The idea is not bad, and you can earn a good extra with the commissions of the reservations.
On their website they explain how this affiliate program works and how much they can earn from it. If we recommend hotels and we get less than 50 reservations per month, we will earn 25% of the commission that Booking applies to the accommodations. On average, with 50 reservations of 100 each, someone could earn about 200 per month.
So far nothing new. Affiliate programs are healthy and favor everyone, the problem is when looking for a way to expand them with strategies from the dark side.
Example of hacking taking advantage of Booking
Let’s see an example:
– A hotel has a website on mihotelvalencia.com– A hacker creates a clone of his website in the domain valenciamihotel.com (same name, changing the order of the words). In this clone there is information about the hotel and a large button called RESERVE, which points to the booking page with the affiliate link, so that each person who makes a reservation there will generate income.
Once the technical part is assembled, the page must be positioned so that it appears well in the search engines, if possible before the original website. For this, the strategy is more complex: the main website is hacked so that Google removes it from its search engine or penalizes it by lowering positions. When someone searches for My Valencia Hotel on Google, they are more likely to land on the cloned page.
We have investigated on the subject and have already found several cases. There is someone who from Germany, for example, has hired dozens of hotel domains supplanting the identity of the originals. Just do a reverse search to see how all these fake websites are on the same server.
Logically, we have no evidence to say that the person who cloned the page is the same as the one who hacked the original website, but it is clear that special attention must be paid in this sector.
And what can we do?
If your hostel or hotel has an unsolicited clone pointing to Booking, talk to your Booking manager and comment on the situation. They will be able to identify who the responsible affiliate user is, and will be able to take action on the matter (such as canceling the affiliate user, for example).
On the other hand, if the cloned site uses copyrighted images (such as room interiors obtained from the original site), you can speak to a lawyer about the misuse.
