In a twist on the ghosts of Christmas past, booking.com is being haunted by the BBC after the broadcaster decided to re-run a story from early November about the site's customers being targetted by "scammers".
A booking.com spokesperson said that "it is the same story as five weeks ago."
A whistleblower has come forward, 'fessing up to having been inadvertently part of the fraud. His input is the only update to the November report.
Oddly, this weekend's story refers to a booking.com customer called "Claire" from west Yorkshire, complete with the mysterious inverted commas. Not that mysterious - the story in November quoted Claire Coldwell from west Yorkshire.
The whistleblower, interviewed for this weekend's consumer affairs program Money Box, said that the scammers had created a fairly sophisticated-sounding "CRM system" which allowed him to automatically send the phishing email, once the initial phone contact had been made.
He confirmed that this CRM system - his words - was not from booking.com. He added that if a customer was suspicious he referred them to a dedicated phone number where other scammers were waiting, pretending to be from booking.com customer service, confirming the fraudulent call and the imminent arrival of the email requesting payment.
It's a major concern that the world's biggest hotel site was "compromised" to such an extent and that contact details and reservation dates fell into the hands of criminals. And while phishing frauds rely on gullible consumers handing over financial details to complete strangers, the brand inevitably gets the blame and the backlash.
NB A Christmas Carol stamp image by Shutterstock