sing-in-token-op.com

Risk Category: Confirmed Phishing & Credential Harvesting

URLert.com has classified the domain sing-in-token-op.com as a severe security threat. Our analysis, supported by verified community intelligence, confirms that this domain is actively engaged in deceptive activities designed to steal sensitive user information and compromise online accounts.

• Targeted Phishing: Evidence indicates this domain is specifically being used to impersonate booking.com. It utilizes deceptive interfaces to trick travelers into providing their account details.
• Credential Theft: The site is configured for credential harvesting, specifically targeting login credentials and authentication tokens. This poses a direct risk of unauthorized account access and potential financial fraud.
• Deceptive Naming: The domain uses a common "typosquatting" or social engineering tactic, employing the phrase "sing-in-token" (a misspelling of "sign-in") to mimic legitimate authentication services.
• Infrastructure Observations: The domain is currently hosted via Proton66 OOO, a provider often associated with hosting malicious or high-risk infrastructure.

Immediate Action Required: Do not visit this domain or enter any information into forms associated with it. If you have previously interacted with this site or provided your booking.com credentials, change your passwords immediately and enable two-factor authentication (2FA) on all affected accounts to prevent unauthorized access.