As a front desk agent, you routinely handle sensitive guest information, reservations, and payments in Mews. This makes it essential that you diligently follow Mews’ recommended security guidelines to protect your property’s data from phishing incidents.  

 

Malicious entities can log in to your account and steal your property’s data when you: 

• Search for Mews login page on search engines and click on fake websites that malicious entities create to look identical to Mews
• Use shared accounts instead of logging in with your personal credentials 
• Set weak passwords, such as birth dates or hotel names, that malicious entities can easily find
• Click on phishing emails that malicious entities send to steal login credentials or install malware 
• Do not monitor and manage your account login activity by setting up security measures such as: 
  • Passkeys
  • 2FA verification by email, 
  • Trusted Device Authorization. 

 

Ask your admins about the following Mews recommended security measures: 

• Single sign-on (SSO)  
• Two-Factor Authentication (2FA)  

 

In this article you can learn how to protect your property data by: 

• Securely logging in to Mews 
• Setting up strong account passwords  
• Recognizing and handling suspicious emails 
• Monitoring and managing your account login activity 
  • Monitoring logins from unfamiliar locations or devices 
  • Ensuring logins only through trusted devices 
• Reporting suspicious activity 

 

Securely logging in to Mews 

Never type "mews login” into Google or other search engines. Malicious entities pay for fake links or websites to appear in your search results to trick you in to giving away your account credentials.  

 

There are two secure ways of logging into Mews: 

• Bookmark the correct URL for quick and secure access. 
• In your browser, type in app.mews.com and press the return key. Note: Check the website URL to confirm it is app.mews.com before entering login details. 

 

Setting up strong account passwords 

Your Mews user account password needs to consist of 12 characters and include symbols or special characters. You can learn more about tips for a strong password here.  

 

Note: Do not share your password with anyone, even colleagues.  

 

Recognizing and handling suspicious emails 

• Before clicking any links or opening attachments: 
  • Verify the emails you receive from Mews are from mews.com or mews.li domains.  
  • Do not provide login details in response to unexpected or urgent email requests. 
• If an email seems suspicious, extremely urgent, or threatening:  
  • Report it to your manager or system administrator before taking any action. 

 

Monitoring and managing account activity 

Monitoring logins from unfamiliar locations or devices 

Monitor your account login attempts to make sure every access is a trusted access. Mews automatically sends you an email alert whenever there’s a login to your Mews account from an unfamiliar device or location.  

Each notification includes the IP address, location, and time of the login attempt. 

• Make sure that at least two of the above matches your usual activity, 
• If the login appears from an unfamiliar location, report it to your system administrator immediately and do not authorize access. 

 

You can learn more about monitoring device logins to your Mews account here. 

 

Ensuring logins only through trusted devices 

To ensure that logins through approved devices only can access your account, use Trusted Device Authorization in Mews. You can learn more about managing trusted devices here.

• Regularly review and manage your trusted devices in your user account. 
• If you see any unrecognized devices, remove access immediately and change your account password. You can learn about changing your password here. 

 

Reporting suspicious activity 

If you notice unusual activity, such as unexpected logins or unauthorized changes, report it to your system administrator immediately.