Servus, Kameraden.
Wir hatten jetzt die letzten Tage Anfragen, das Gäste (gebucht über booking.com) über
angebliche whatsapp Nachrichten nach weiteren Daten gefragt wurden.
Booking.com und die Mews Datenbank verfügen über die richtige Mobilnummer. Es ist aktuell für uns nicht einsehbar, ob die Daten bei booking.com, über Mews oder “in the middle” abfließen.
Gibt es weitere Häuser hier, die aktuell ähnliches erfahren?
Best answer by rui.oliveira
Hi
Thanks for raising this, and sorry to hear your team was caught out. It happens more than people admit, and it's important that the community talks about it openly.
The fake login page issue is a real and recurring one. Bad actors spin up convincing copies of the Mews login and buy search ads or rely on staff searching "Mews login" and clicking the first result. One click is all it takes.
A few practices that significantly reduce the risk:
- Bookmark the real Mews login URL and make it a team rule to only ever use the bookmark – never search for it
- Enable single sign-on (SSO) with your identity provider if your IT setup supports it – this removes the password entirely as an attack surface
- Turn on two-factor authentication for all Mews users, we recommend Passkeys, or @FA by email link, even if credentials are captured, 2FA stops the attacker from getting in
- If anyone on the team suspects they've entered credentials on a fake page, reset the password immediately and check for any unusual activity in the audit log
- Train staff to look at the URL before entering anything – the real domain is app.mews.com
On the broader Booking.com situation: it's affecting properties everywhere right now. The combination of OTA account takeovers and phishing pages targeting PMS logins is a serious pattern across the industry. Staying vigilant and sharing incidents like this in the community is genuinely useful for everyone.
Thanks
+2Guten Morgen
ist ist ein offenes Geheimnis, dass booking.com ein Datenleck hatte vor einigen Tagen/Wochen.
Zusätzlich sind wieder vermehrt SCAM Seiten für den MEWS Login online. sobald der MA nach MEWS Login googled, könnte es ebenso passieren. (Diesen Vorfall hatten wir leider selbst intern)
Ich drücke euch die Daumen, dass es nicht zu so einem Vorfall gekommen ist sondern wirklich nur booking.com ist.
Hi
Thanks for raising this, and sorry to hear your team was caught out. It happens more than people admit, and it's important that the community talks about it openly.
The fake login page issue is a real and recurring one. Bad actors spin up convincing copies of the Mews login and buy search ads or rely on staff searching "Mews login" and clicking the first result. One click is all it takes.
A few practices that significantly reduce the risk:
- Bookmark the real Mews login URL and make it a team rule to only ever use the bookmark – never search for it
- Enable single sign-on (SSO) with your identity provider if your IT setup supports it – this removes the password entirely as an attack surface
- Turn on two-factor authentication for all Mews users, we recommend Passkeys, or @FA by email link, even if credentials are captured, 2FA stops the attacker from getting in
- If anyone on the team suspects they've entered credentials on a fake page, reset the password immediately and check for any unusual activity in the audit log
- Train staff to look at the URL before entering anything – the real domain is app.mews.com
On the broader Booking.com situation: it's affecting properties everywhere right now. The combination of OTA account takeovers and phishing pages targeting PMS logins is a serious pattern across the industry. Staying vigilant and sharing incidents like this in the community is genuinely useful for everyone.
Thanks
+2
Move all to the edge browser … and so…
it is by now affacting a lot of PMS Systems. if have spoken to colleagues using Opera and Apaleo as well as Casablanca… so quite annoying and as mentioned you need to train the people. thats key.
We are building an awarness programm for data security which all our employees need to attend and walk through.. invest more on firewalls and so on.
Was nice talking to you by the way at UNFOLD.
Welcome Mews customers. Please use the same email address for registration as in your Mews account. By doing so we can help you faster if we might need to check something in your account.
Already have an account? Login
No account yet? Create account
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.
