Revinate

Sharpening your instincts to foil phishing attempts

Sharpening your instincts to foil phishing attempts

Published On: January 7, 2025Last Updated: January 8, 2025

Imitation may be considered the highest form of flattery. Bad actors on the internet, though, fall outside the consideration set. As phishing attempts become increasingly sophisticated, hoteliers need to stay vigilant and implement robust security measures. Many security measures include automation and technology. The first line of defense will always be the individual, be they a guest or an employee of the hotel.

At Revinate, we are here to work with you to protect your hotel and guests from these malicious attempts.

Best practices for prevention

Recognizing phishing attempts

The best way to prevent a phishing attack is to recognize it. Phishing attacks are often disguised as legitimate communications. Be on the lookout for:

  • Emails with urgent requests or threats
  • Messages containing unexpected attachments or links
  • Requests for sensitive information (such as login credentials, billing information, etc.)
  • Poor grammar or spelling errors
  • Suspicious sender email addresses

Secure your systems

  • Ensure all your vendors have MFA turned on. Revinate has implemented multi-factor authentication (MFA) for all accounts that are not Single Sign On
  • Use strong, unique passwords and a password manager
  • Regularly update and patch all software and systems

Train your staff

  • Conduct regular phishing awareness training sessions
  • Perform simulated phishing exercises to test staff readiness
  • Encourage a culture of security awareness and reporting

Protect your online presence

  • Never use search engines to access login pages, but bookmark them instead
  • Verify the authenticity of websites before entering credentials
  • Implement AI-based threat detection for email traffic

Safeguard guest information

  • Secure your hotel’s WiFi network
  • Educate guests about potential phishing risks
  • Use secure methods for handling guest payment information

Responding to phishing attempts

If you suspect a phishing attempt:

  1. Don’t click on any links or download attachments
  2. Report the incident to your IT department immediately
  3. If credentials were compromised, change passwords immediately
  4. Inform affected parties if any data breach occurred

Guest communication

If you believe someone at your hotel was duped by a phishing attack, and your guests may be impacted, immediately communicate with them using a clear, transparent, and actionable message.

Recommended communication

Dear Valued Guest,

At [Hotel Name], your safety and security are our top priorities. We want to help you protect yourself from potential online booking scams and ensure a worry-free travel experience.

Quick security tips:

🔒 Book directly: Always use our official website or verified booking platforms

💳 Secure payments: Only use encrypted payment methods

📱 Verify communications: We’ll never request sensitive information over the phone or via email. Scammers may try to impersonate a company through calls, texts, and emails.

Red flags to watch:

  • Unsolicited emails asking for personal details
  • Deals that seem too good to be true
  • Requests for immediate payment through unusual methods

How to protect yourself:

  • Verify website URLs
  • Use strong, unique passwords
  • Check sender email addresses carefully

If you have concerns, please contact our team directly at [Phone Number] or [Email Address].

Warmest regards,

<Hotel Name>

**

Bad actors try to imitate Revinate, too

Email communication is not the only way the bad guys are trying to dupe your hotel employees. In December, the Securities Commission Malaysia released a list of potential clone companies, and we were made aware that an organization out there calling itself Revinate Tech Services was on that list. This list serves primarily as a warning for investors. Still, as a hotelier, you should also be aware that entities are trying to capitalize on Revinate’s brand and reputation.

Our customers have also alerted us to a website trying to copy us. Please be aware, and if you see a webpage like this, don’t click!

Revinate phishing scam

We’ve filed a complaint with the web hosting service, but the site remains active today. Bottom line, anyone who contacts you from Revinate Tech Services, Revinate Work Bench, or any other variation of our name…that’s not us!

Revinate takes data security very seriously. Modern phishing attacks can create challenges; we are here to help. We hope the information shared here will help your employees and guests be aware of (and avoid falling for) phishing attempts to grab valuable guest data. If you would like us to share further information on best practices to help prevent phishing against your employees, please let us know, and we will be happy to share the approach we take internally.

Related Posts

Insights that drive results. Subscribe now to get all the latest content.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply. View our Terms & Conditions here. *Required fields.

Name(Required)
This field is for validation purposes and should be left unchanged.