This cybersecurity investigation has identified a sophisticated scam campaign involving three debt collection companies operating in coordination with fraudulent domain spoofing activities targeting major travel booking platforms. The campaign centers on Credits, Incorporated (28 CFPB complaints), ACCOUNT SERVICES INC. (8 CFPB complaints), and Credit Corp Solutions Inc. (2743 CFPB complaints), all operating in the debt collection industry. These entities demonstrate high-confidence connections to spoofed versions of legitimate domains, particularly targeting hotels.com and leveraging cryptocurrency-related domains like www.earncrypto.com registered through NAMECHEAP INC on December 13, 2013.
The technical infrastructure analysis reveals a complex web of shared reporting patterns, with hotels.com showing perfect correlation (confidence: 1.00) to www.earncrypto.com across multiple complaint reports. Credits, Incorporated and ACCOUNT SERVICES INC. both demonstrate strong connections (confidence: 0.85) to both the spoofed hotels.com domain and the cryptocurrency platform. Additionally, the campaign shows lower-confidence but significant connections to other major travel platforms, with hotels.com co-reported alongside expedia.com (confidence: 0.35) and mxtoolbox.com (confidence: 0.30), suggesting broader targeting of travel-related services.
Consumer impact data indicates significant financial harm, with community reports highlighting systematic issues including "bogus fees from hotels after cancelling bookings" and fraudulent charges processed through PayPal accounts. One detailed community report with 13 upvotes describes victims wasting hours attempting to recover money from fake hotel charges, while another report details complete loss of payment for products never delivered, with scammers subsequently disappearing from advertising platforms. The total complaint volume of 2,779 CFPB complaints across the three connected debt collection companies indicates widespread victimization.
To protect yourself from this campaign, never provide payment information to unsolicited debt collection contacts, especially those claiming to represent travel booking services. Always verify legitimacy by contacting the official customer service number found on the company's official website, not numbers provided in emails or calls. If contacted by these entities, hang up immediately, do not click any links in emails, and report the incident to the FTC at reportfraud.ftc.gov or file complaints with the FCC. Before engaging with any travel booking or debt collection communication, verify phone numbers and domains using official company websites or trusted verification services.
This campaign represents a high-threat level operation combining debt collection fraud with domain spoofing targeting the travel industry. The sophisticated infrastructure connections and substantial complaint volumes indicate an organized, ongoing operation. Consumers should exercise extreme caution with any communications claiming to represent hotels.com, expedia.com, or cryptocurrency earning platforms. Recommended next steps include monitoring financial statements for unauthorized charges, implementing additional payment verification procedures for travel bookings, and reporting any suspicious contact attempts to appropriate federal agencies for investigation.