OpenTable is urging UK restaurants and diners to be aware of scammers pretending to be employees to provide their credit card details.
Scammers are reportedly calling restaurants pretending to work for OpenTable, an online reservation service, to ask for login credentials.
Once they can log into the OpenTable account, they call customers with reservations pretending to be from the restaurant, and ask for their card details to take or refund a deposit for reservations, The Sunday Times reports.
Victims say they then received a second call or message from scammers pretending to be a bank, asking them to authorize transactions.
Some restaurants, including those that use OpenTable, accept deposits to secure reservations, but card details are usually taken during the reservation process, not afterward.
The scam prompted the San Francisco-based booking company, which is used by thousands of restaurants in the UK, to warn customers about the risks.
One victim told the Sunday Times that a man called Gavin called her and told her she needed to pay a deposit to get the table she requested.
After giving the caller her card details, a £500 transaction showed up on her bank statement. The woman canceled it before it went through.
General manager of Levan in Peckham, Aurelien Noblet, said four customers were tricked into handing over their card details, with transactions of up to £900 made from their bank accounts. They were all refunded.
Action Fraud had received nine fraud reports cited by OpenTable in January and 63 last year, according to the Sunday Times.
OpenTable is reminding restaurants that it will never ask for a password or login information, the Standard was told.
The company also “strongly encourages” all restaurants to establish additional security controls to help protect against fraud, such as two-factor authentication.
“For diners: if you get a call asking for credit card details, don’t share them. Hang up and call the restaurant directly to confirm their identity and whether or not your credit card details are required.”
A spokesman told The Sunday Times that the online service had not been hacked but that “bad actors” had obtained login credentials from a number of restaurants.
Restaurants have been reminded that these types of scams are on the rise across the hospitality industry.
More than 50,000 restaurants use OpenTable worldwide with more than a billion dinners per year.