Customer Advisory on Phishing Emails
‘Phishing’ is one of the most common types of email fraud. It takes place when a perpetrator sends a fake email message that appears to come from a legitimate company in an attempt to obtain personal and/or financial information.
A typical phishing email will direct recipients to click on a link that redirects them to a fake website that looks like the real website. Once on the fake site, the email recipient is asked to disclose personal information (e.g. a credit card number or account information) that is later used to commit fraud. Sometimes a phishing email will ask the recipient to email various personal details or may also have attachments that may contain potential email viruses.
How to Identify a Phishing Email
Typical signs of a phishing email include:
Phishing emails tend to create a false sense of urgency, with messages such as ‘Your Account Is Suspended’ or ‘Urgent: Financial suspension – log in to pay’. Scammers will always adapt their techniques in order to make their phishing emails look as legitimate as possible.
Errors and Mistakes
Phishing emails often include spelling errors or grammatical mistakes. If you spot numerous spelling/grammar mistakes or a mix of different languages in the same email, it’s likely a phishing email.
A phishing email will also be typically written entirely or partially in a language that doesn’t match your own. You can always check the real sender in the ‘From:’ field of your email client and check the sender located inside the arrowheads (‘<’, ‘>’).
Never Send Sensitive Information by Email
Please note that Minor Hotels, or any of our brands, will never send you an email requesting your username, password, credit card, social security, or national insurance numbers. If you receive an email that looks like it is from us, but asks you for your credit card number, social security, or national insurance number, it is a fraudulent email or ‘phish’.
If you receive an email claiming to be from Minor Hotels or our hotel brands (Anantara Hotels, Resorts & Spas; Avani Hotels & Resorts; Oaks Hotels, Resorts & Suites; NH Hotels; NH Collection; nhow Hotels; Elewana; or Tivoli Hotels & Resorts) that you believe may be fraudulent, do not respond, and do not click on any links or open attachments contained within the email.
What to Do If Your Information Has Been Compromised
If you believe ‘phishers’ have obtained access to your personal or financial information, we recommend that you:
- Change your account password.
- Scan your device with an updated malicious software scanner. Not all phishing attacks steal passwords – some can have malicious software embedded in a ‘file’ that may be malware, spyware, ransomware, or a virus. It is very important to scan your device if you think you clicked on a malicious link or downloaded unrecognised files.
- Contact credit reporting services and have a fraud alert attached to your credit report file.
- Contact us immediately to let us know that your account may have been compromised by a phishing attack.
Please be aware that the perpetrator may attempt to use your information to establish accounts or obtain credit at other businesses in their name or yours. We will not be able to secure your information and we will not be liable for any resulting breach of any law if you reveal your password to anyone.