[HLUG] Odd security email

Tom English tom at englishponies.co.uk
Sun Oct 13 12:02:53 UTC 2019 

 

If they've "locked" it how you meant to login to change your password? 

Are there any links in email which would go to a "reset password" page
perhaps not on booking.com? 

You could change it as a precaution - but make sure you login from their
website not any links. 

Have you checked the email source to see if it appears genuine? 

On 2019-10-13 12:27, Julian Robbins via Herefordshire wrote: 

> Hi Everyone
> 
> I just received the email purporting to be from booking.com
> 
> First time I've seen an email quite like this.
> 
> Read the message below then come back.
> 
> Firstly, if they say they think my password has been compromised but via
> another unconnected site . If it's unconnected how do they know my password
> has been hacked? Perhaps they routinely run passwords against the 'have I
> been owned list' ?
> 
> It is very good security advice they give especially regarding changing
> passwords and enabling TFA, but how do they know my password on a site
> unconnected to them?
> 
> Answers in a postcard please?
> 
> Julian
> 
> As a precaution, you need to reset your Booking.com password
> 
> Hi Julian,
> 
> We're getting in touch to let you know we have temporarily locked your
> Booking.com account.
> 
> During routine security monitoring, we discovered that your login
> credentials may have been compromised via another site unconnected to
> Booking.com. Because many people use the same email and password
> combinations across multiple sites, we have temporarily locked your account
> as a precaution. Your Booking.com account is safe and has not been
> compromised.
> 
> To access your account again, you simply need to reset your password. We
> strongly advise you to do the same for any other sites and services where
> you use the same password, creating a strong, unique password for each one.
> 
> Resetting your password can be done in four easy steps:
> 
> - Go to the Booking.com homepage
> - Select 'Sign in' at the top of the homepage
> - Click the 'Forgot your password?' link
> - Enter your email address and we'll send you a link to reset your
> password
> 
> Enabling two factor authentication (where an additional log-in code is sent
> to you, usually via a mobile device) is also one of the best ways you can
> ensure the safety of your online accounts. You can enable this for your
> Booking.com account in the Security tab on your Booking.com account
> settings.
> 
> We take your security and privacy very seriously, and will contact you
> quickly if we notice anything unusual in the future.
> 
> Many thanks,
> 
> The Booking.com Security Team

More information about the Herefordshire mailing list