Warning about scams targeting the hospitality sector

ANALYSIS of crime reports by the National Fraud Intelligence Bureau reveals that the hospitality sector is increasingly being targeted by criminals impersonating IT providers.

Typically, fraudsters will call restaurants and hotels purporting to be a representative of the company that provides their reservation.

The criminals will try to convince the employee to reveal their login details, often under the guise that it's required in order to complete an important software installation.

Once an attacker gains access to a business’s computer systems, they'll steal any customer data they come across, this will often include databases of customer names and contact details.

Also in the news

CODS technical team triumphs with award nomination

Rishi Sunak's NHS pledge one year on: Waiting lists down at the Royal Devon University Healthcare Foundation Trust despite national rise

Exeter City FC Captain opens newly renovated Morchard Bishop C of E School library

Two-thirds of A&E arrivals in the Royal Devon University Healthcare Trust seen within four hours – missing NHS target

This data will then be used to perpetrate targeted phishing scams that are highly convincing.

For example, victims have reported receiving calls from people impersonating a restaurant or hotel they have a reservation with. The caller requests a payment from the victim claiming that it's required in order to confirm their reservation.

How to protect your business:

• Ensure that business accounts are protected using 2-step verification (2SV). This will help to prevent unauthorised access to your computer systems even if an attacker knows an employee's login details.

• Employees who communicate with your suppliers should be informed of what types of information a supplier will and won't ask for. For example, a supplier will never ask for an employee's password. Staff should be encouraged to speak with a supervisor if they've received a request they're unsure about.

• If you are a business, charity or other organisation which is currently suffering a live cyber-attack (in progress), please telephone 0300 123 2040 immediately. This service is available 24 hours-a-day, seven days-a-week.

• For more advice on how to improve your business’s cyber security in an affordable and practical way, please see the National Cyber Security Centre's Small Business Guide: https://www.ncsc.gov.uk/collection/small-business-guide .

Recommended police services available to organisations in the hospitality sector:

Police CyberAlarm is an award-winning free tool, provided by your local police force, to help your business or organisation monitor and report the suspicious cyber activity it faces. More information can be accessed on the Police CyberAlarm website: https://www.cyberalarm.police.uk .

The South West Cyber Resilience Centre (SWCRC) is a police-led, not for profit initiative which helps businesses better protect themselves against cyber threats.

Visit the SWCRC website to discover the full range of available cyber security services: https://www.swcrc.co.uk .

Cyber Essentials is a scheme which helps organisations guard themselves against the most common cyber threats and demonstrates a commitment to cyber security.

Find out more about how to achieve certification on the NCSC website: https://www.ncsc.gov.uk/cyberessentials/overview .

Warning about scams targeting the hospitality sector

Newsletter Sign up