WA ScamNet is warning travellers about unexpected messages from their accommodation providers seeking additional credit card verification, as it could be the work of scammers who have hacked into the hotel’s computer system.

How the scam works

• Scam begins with the scammer targeting a hotel by posing as a genuine customer who needs help with downloading some ‘important’ information regarding an upcoming stay.
• They might claim to suffer from allergies to cleaning products and need the hotel to cross-reference the substances used, or they could ask for a map they’ve created to be printed off for their technology-challenged parents.
• Whatever the excuse, the endgame is the same – once the hotel employee downloads the malware-infected documents, the scammer will have full access to their sensitive information, including login credentials, financial details and contact information for their other customers.
• That’s when the scammer ups the ante by sending a convincing message to the hotel’s future guests asking for additional credit card verification as soon as possible via a fake booking link (see screenshot on right)

How to protect yourself

• While this is a very sophisticated scam, consumers can beat the scammers by following WA Scamnet’s usual advice to protect against malware and phishing.
• Avoid clicking on unexpected or unsolicited links, even from a business that you trust.
• If you receive an unexpected message from a business, contact the company directly at an official email address or phone number to confirm the veracity of the message. Do not rely on contact details in an unexpected message.
• Be suspicious of messages which encourage you to act quickly, to avoid detriment.
• Check URLs carefully for indicators of deception.
• Never enter personal or banking details into any website unless you are certain that the website is genuine.

Recovery

• If you have provided your financial information through a suspicious link or in response to an unexpected message, contact your financial institution immediately and follow their guidance on securing your finances.
• If you believe your email account may have been compromised, secure it by changing your password to a unique passphrase and setting up two factor authentication. Make sure you check for unauthorized activity. Log out of any sessions you do not recognise.

• If you provided any personal identity information to scammers, visit the IDCARE website or call them on 1800 595 160.
• If you clicked a suspicious link or opened an attachment, follow the Australian Cyber Security Centre advice on detecting and removing malware on cyber.gov.au.
• If your business has been affected by a cyber security incident, report it using the business report function on cyber.gov.au.

If you are unsure or have any doubts, contact WA ScamNet on 1300 30 40 54 or lodge a report online.