Coya, A restaurant in Mayfair is warning its customers following a reported booking scam.
The high-profile Mayfair restaurant, has issued a warning after becoming the target of a booking scam involving fake websites, phone calls and emails designed to trick guests into making false reservations and payments.
The Peruvian-inspired restaurant confirmed that fraudulent activity has been impersonating the business and misleading diners with illegitimate booking systems.
Coya, which operates globally with restaurants in Dubai, Monte Carlo, Paris and Marbella as well as its Mayfair flagship, has moved quickly to reassure guests.
In a statement shared on social media, Coya said it had “taken immediate action and [is] closely monitoring the situation to protect our guests.”
The post read: "We’ve been made aware of fraudulent activity impersonating Coya – including fake websites, phone calls, and emails – attempting to mislead guests with false booking systems and payment requests.
"Please always book and enquire through our official Coya channels, including the reservations number and email address listed above.
"If you see anything suspicious, please report it immediately and contact our team directly. We’ve taken immediate action and are closely monitoring the situation to protect our guests. Thank you for your vigilance and continued support."
Similar scams affecting the hospitality industry in London
COYA’s alert is sadly not an isolated case. In recent years, several London restaurants and booking platforms have warned about scams
involving impersonation, phishing, fake deposit requests and misuse of booking systems. Here are some of the most notable examples:
-
OpenTable scam: Fraudsters have posed as staff from OpenTable or restaurants to request customers’ credit card details to pay deposits. Once they obtain login credentials they’ve used the restaurant’s name to contact customers to make false payment demands. Several restaurants reported customers being asked for deposits via phone calls after booking via OpenTable.
-
Booking.com account takeover scam: Between June 2023 and September 2024, more than 500 reports were made to Action Fraud after criminals hacked into hotel accounts on Booking.com (or used phishing to gain access), then sent messages to customers via those accounts. These messages often requested payment or verification of card information, usually through false links. According to Action Fraud, the total losses reported exceeded £370,000.
-
Reservation fraud warnings by Cifas: Fraud prevention and trade bodies have repeatedly advised both restaurants and customers to be alert. Tactics include scammers posing as restaurant staff, asking for payments outside the normal reservation process, using fake booking confirmation sites or phone calls.
-
Bots, fake accounts and phishing: Cybersecurity researchers have found that many restaurant booking platforms are vulnerable to bot attacks, credential stuffing, and the creation of fake accounts. Attackers exploit weak authentication measures and sometimes fake or automated reservation volumes to mask fraud.
written by abi kinsella
