The Federation of Hotels, Restaurants, and Bars (HORESCA) has warned of a phishing campaign in which fraudsters pose as hotel employees to obtain guests' credit card details.
According to the information available so far, guests who had made a reservation are primarily affected, with the scammers contacting them directly. The perpetrators pose as hotel staff and urge clients to update or confirm their credit card details in order to complete or guarantee a booking.
Several victims reported that unauthorised sums were later debited from their accounts after providing the requested information.
The incidents reportedly involve hotels using channel management software, including solutions provided by Lighthouse, a company specialising in hotel management software. While no direct technical connection has been confirmed at this stage, the frequency of reported cases has prompted HORESCA to raise awareness within the sector.
According to the organisation, the fraudsters use various communication channels.
Some clients were contacted via WhatsApp, sometimes from international phone numbers, while others received messages directly through the Booking.com messaging system – an approach that can make the communication appear genuine.
HORESCA urges all guests to exercise particular caution when asked to make a payment or update bank details. When in doubt, the hotel in question should be contacted directly using its official contact information.
At the same time, the federation calls on affected hotels to get in touch with HORESCA promptly to help centralise information and better assess the scale of the phenomenon. Establishments that have already been targeted should also report the cases to the Computer Incident Response Center Luxembourg (CIRCL).
Following initial contact with Lighthouse, the company responded quickly to the issues and provided explanations. In this context, HORESCA emphasised that swift and preventive communication to all clients is essential to increase vigilance regarding the current phishing campaign.
