Skip to main content

Protect against phishing, spam, and malware

Updated today

Phishing, spam, malware — what are they?

Phishing - When a scammer pretends to be someone you trust to trick you into clicking a fake link or giving away personal information.

Spam - Unsolicited communications sent to you, often in bulk, in an attempt to steal your sensitive information and access your log-in credentials.

Malware - A malicious type of software designed to damage or exploit your device or system.

What are scammers after?

Scammers who use spam, malware or phishing attacks are trying to steal your login credentials so that they can access your Little Hotelier account. If they are able to access your account they may try to steal your guest’s payment details or personal information.

How to spot scammers and stay protected

To help recognise and protect against phishing, remember the following:

Bookmark Little Hotelier’s official login page

Scammers will frequently attempt to steal your login credentials by asking you to login to a fake login page. To avoid this you should bookmark the official login page so you are not caught by one of these scams.

  • Bookmark the Little Hotelier login page: https://littlehotelier.authx.siteminder.com/login

  • Keep an eye out for fraudulent log-in screens with illegitimate URLs. Scammers might try to create URLs that look similar to the official URL above (e.g. “littlehoteler.com” or “littlehotelier.biz”)

Check the Email or Website URL is correct

Little Hotelier only sends emails from the following e-mail addresses. If you receive an email that claims to be from Little Hotelier but is not from one of these e-mail domains it may be a scam.

Any website links we share with you will also be hosted on these domains.

We will never contact you via subdomains or domains with different extensions — for example, domain.biz.

Look out for suspicious requests

Be on the lookout for any request that may be suspicious. Little Hotelier handles login credentials and personal information with the strictest security controls - any request for personal information or login credentials should be reported to our support team.

  • We will not ask for your username, password, or any other sensitive information via e-mail or SMS.

  • Be cautious of unexpected and/or urgent e-mails claiming to come from us. If in doubt please contact our support team to validate the request is legitimate.

  • Pay close attention to the sender’s e-mail address; assess if it is legitimate.

Look for mistakes or unusual errors in communications

  • Scrutinise the format and content of the e-mail: keep an eye out for obvious errors like references to other properties or people who don’t work at your business.

  • Look for any unusual spelling and grammatical errors — a tell-tale sign of fraud.

  • Be wary of suspicious offers, vouchers, and discounts; if it sounds too good to be true, it probably is.

Essential steps to protect your account

Account Security Setup

  • Set up multi-factor authentication - Multi-factor authentication is a security check that asks for two or more proofs of identity, like your password and a code sent to your phone, to make sure it's really you logging in. For more details on how to set up MFA please see this article.

  • Create individual user accounts - Create individual user accounts for each team member with unique email addresses. Do not use shared email addresses like info@hotel.com.

  • Never share login credentials - Do not share any of your property's login credentials with anyone.

Password and System Security

  • Use strong passwords that are at least 12 characters long - Ensure passwords contain both lowercase and uppercase letters, include at least one number, and don't reuse passwords across different accounts.

  • Avoid using common words or personal information - Don't use birthdates, names, or easily guessable information in your password.

  • Install security software - Install anti-spyware, anti-virus, and anti-malware tools, and keep them up to date.

  • Keep systems updated - Update your applications and operating systems regularly, especially when prompted.

  • Safe browsing practices - Log out after each session when using shared computers and do not save credentials in browsers.

What should I do if I suspect a security threat?

If you encounter any suspicious emails, login requests, or potential security threats:

  1. Do not click any links or provide any information

  2. Contact our support team immediately to validate the request

  3. Report the suspicious activity to other team members at your property

  4. Change your password if you suspect your account may have been compromised

Related Articles
Overview of security codes
Booking Engine, Demand Plus: frequently asked questions
Learn about Demand Plus
Reset your password
Troubleshooting login issues
Did this answer your question?