OpenTable is urging UK restaurants and diners to be aware of fraudsters pretending to be employees to con customers into providing their credit card details.
Scammers are reportedly calling restaurants pretending to work for OpenTable, an online reservation service, to request login credentials.
Once they can login into the OpenTable account, they call customers with bookings pretending to be from the restaurant, and ask for their card details to take or refund a deposit for reservations, The Sunday Times reports.
Victims say they then received a second call or message from scammers pretending to be their bank, asking them to authorise transactions.
Some restaurants, including those used by OpenTable, take deposits to secure reservations, but card details are normally taken during the booking process, not afterwards.
The scam has prompted the San Francisco-based reservation company, which is used by thousands of restaurants in the UK, to warn customers of the risks.
One victim told the Sunday Times she was called by a man named Gavin who told her she needed to pay a deposit to secure the table she had requested.
After giving the caller her card details, a transaction of £500 showed up on her bank statement. The woman cancelled it before it went through.
General manager at Levan in Peckham, Aurelien Noblet, said four customers were tricked into giving their card details, with transactions of up to £900 made from their bank accounts. All have been refunded.
Action Fraud had received nine fraud reports mentioning OpenTable in January and 63 last year, according to the Sunday Times.
OpenTable is reminding restaurants that it will never call for password or log-in information, the Standard has been told.
The company also “strongly encourages” all restaurants to set up further security controls to help protect against fraud, such as two-factor authentication.
“For diners: if you receive a call asking for credit card details, do not share them. Hang up and call the restaurant directly to confirm their identity and whether or not your credit card details are needed.”
A spokesperson told the Sunday Times the online service had not been hacked but rather “bad actors” had obtained login credentials from some restaurants.
Restaurants were reminded that these types of scams are on the rise across the hospitality industry.
More than 50,000 restaurants use OpenTable globally with more than a billion diners annually.