You’ve made your flight plans and booked your hotel but are less than thrilled about how much you had to pay for your upcoming vacay.
So, when you receive an email from the hotel that offers you a discount on your stay if you follow a few simple steps, you happily oblige.
While this all sounds reasonable enough, it’s actually a red flag. There’s a new hotel phishing scam lurking — here’s why you should be careful if you’re offered a discounted rate.
Recent Hotel Phishing Scam
A Reddit user recently reported falling victim to a phishing prepayment scam involving a Design Partner hotel of Marriott in Mexico.
After they made their hotel reservation at the property, they received an email from the hotel reservation email address about the reservation. The email offered the option to prepay via PayPal for a small discount on the rate and a welcome drink as incentives. The user took advantage of the offer.
However, when the user called the hotel at a later date to confirm their reservation, they were informed that the hotel did not have any record of the reservation. To help find out what exactly happened, the user forwarded the entire email thread offering the discount for prepayment to the same hotel reservations email address that sent the original email offer for the discount. It was, in fact, the legitimate address.
“At this point, over the phone, the front desk claimed that their email had been hacked,” said the user. “However, I’m inclined to believe that there may have been a bad actor at the hotel, possibly even someone at the front desk. Since then, I’ve made numerous calls to the front desk and sent emails to the reservations address, requesting to speak with the hotel owner to discuss the best course of action moving forward. Unfortunately, I have yet to receive a response.”
So, the user not only did not have a reservation booked as they had expected, but they also lost the money they paid for the hotel reservation.
How To Avoid Hotel Phishing Scams
Unfortunately, anyone who does business online can become the target of a hotel phishing scam.
“Hotel phishing scams are fraudsters who reach out through email or a website impersonating a hotel representative asking people to re-confirm their payment information and personal details for an upcoming reservation,” said consumer scam expert, Clayton LiaBraaten, who is an executive advisor at Truecaller with 20+ years of cybersecurity experience.
“These types of scams are becoming more common with technology, like AI, being used as a powerful tool for scammers to detect vulnerable victims.”
In defense of the victim of the hotel phishing prepayment scam, the email offer did come from the hotel’s reservation email address. This alone made it appear to be a legitimate offer. However, before happily accepting such an offer, here are some things to consider.
Always Make Reservations Directly Via the Hotel’s Websites
“When booking hotel rooms, make the reservation directly through the hotel chain’s website rather than online travel agencies like Expedia or Booking.com to abstain from potential scammers,” said LiaBraaten.
Do Not Make Transactions Based on Unsolicited Emails
“Do not click on links from any unsolicited emails that claim to be from a hotel offering to upgrade your room at a discounted price,” LiaBraaten said. “Even though you have booked a room through the hotel company, directly reach out to their customer service’s phone number from their website or engage with the chatbot on their mobile application to confirm if the email you received is legitimate and take it from there.”
The Holiday Season Is Prime Time for Scammers To Strike
“Hotel phishing scams will increase in the coming months as we head into the holiday season and it’s important for people to be cautious on who is reaching out to them via email or phone,” said LiaBraaten.
More From GOBankingRates