Fake Booking / Hotel Message Scam Examples
This message impersonates a hotel or booking platform, warning that a card payment failed or needs "re-verification," sometimes quoting a real reservation date or reference number to look convincing. The scammer wants your full card number, expiry, and CVV, plus any one-time banking code sent to confirm the "update," which lets them make unauthorized charges or drain funds. It works by mixing genuine-looking booking details with manufactured urgency about losing your reservation. The most important step is to never enter payment details through a link in the message — log into the booking platform directly through its official app or site instead.
Last reviewed: 1 June 2026
Sanitized example messages
Illustrative, sanitized examples. Personal details are replaced with placeholders such as [phone number] and [fake link].
Reservation [reference]: your card was declined. Re-verify within 2h to avoid cancellation: [fake link]
[Hotel] here — to secure your stay, please confirm your card number, expiry and CVV: [fake link]
Pre-authorisation failed for booking [reference]. Update payment now: [fake link]
What the scammer wants
To capture your full card details (including CVV) and sometimes a one-time banking code, using real booking references to appear legitimate.
Red flags in the message
- Urgent 're-verify or lose your booking' message
- Requests for full card number, CVV, or a banking one-time code
- Link to a domain that isn't the official hotel/platform
- Genuine-looking booking details used to build trust
A safe response
Do not click. Contact the hotel or platform through its official app or the phone number on its website to check your booking. Real providers don't need your CVV by message.
What not to send
- Full card details / CVV
- One-time banking codes
- Personal information
What to do if you already replied
- Call your bank immediately if you entered card details
- Report the message to the booking platform
- Monitor your statement for unauthorised charges
Evidence to preserve
- Screenshot the full message or call details
- Note the sender number, email, or profile
- Save any links (without clicking) and payment details
- Record dates and times
Frequently asked questions
The message knew my real booking reference and dates — how is that possible if it's a scam?
Scammers frequently gain access to hotel or property-manager accounts on booking platforms (through weak passwords or prior breaches) and pull real guest details from there, not from hacking your personal accounts. Knowing your booking doesn't mean your bank or email was compromised.
I already re-entered my card details on the link — what now?
Contact your card issuer right away to block the card and dispute any charges, and change the password on your booking platform account as a precaution. Also flag the fake message to the platform's fraud or support team so they can warn other guests.
Should I still trust messages from this booking platform going forward?
Yes, but verify anything asking for payment or login details by going directly to the app or official website rather than clicking links in messages, even ones that look legitimate. Genuine payment issues are also visible in your account's booking history.
Can I get my booking cancelled or refunded because of this scam?
That depends on whether any money actually moved and through what method — contact the booking platform's support and your bank directly to explain the situation; they can advise on dispute options and whether your reservation is still valid.