Phishing incidents are a serious threat which target users to steal login credentials by mimicking legitimate websites. If you fall victim to phishing, it is important that you take immediate action to protect your property and guest information from unauthorized access. You can perform these actions as soon as you suspect an incident, directly within your Mews account settings, accessible from any secure device with internet access. Acting quickly minimizes the risk of further damage and helps safeguard your sensitive data.  

 

In this article you can learn about what to do if you think you were phished: 

• Step 1: Change your login credentials 
• Step 2: Report suspicious activity to Mews 
• Step 3: Investigate and act 
• Step 4: Raise awareness among your staff 

 

Step 1: Change your login credentials 

Changing your Mews login credentials is the most important step. If you use the same password for other accounts, update those credentials as well. This minimizes the risk of unauthorized access across multiple platforms.  

To change your credentials: 

1. Log in to Mews using the official URL: https://app.mews.com. 
2. Click Account > Privacy and Security. 
3. Click Change your password.  
4. Enter your previous password and click Continue.  
5. Enter a new password with a strong, unique combination. 
6. Repeat this process for any other accounts using the same credentials. 

 

Step 2: Report suspicious activity to Mews 

It is very important that you contact Mews support immediately with details of the phishing incident. 

1. In Mews Operations, click Help/Contact Us . 
2. In the conversation with Mews Support, describe the incident to include:  
   • Any suspicious emails, URLs, or interactions. 
   • Screenshots of any suspicious behavior. 
3. Follow instructions that the support team provides. Note: This can involve further security measures or investigation. 
    

Step 3: Investigate and act 

Once you report the suspicious activity to Mews: 

1. Conduct an immediate internal investigation into the matter to understand what happened and the data impact. 
2. To mitigate any potential impact, Mews strongly suggests you contact any affected guests and warn them not to provide any personal or financial data or execute payments to companies they do not trust.  
3. Depending on applicable laws and regulations in your area, you may need to take additional steps such as notifying relevant authorities.  

 

Step 4: Raise awareness among staff 

Mews strongly suggests having conversations with your staff to discuss what happened and how to prevent this from happening again. You can learn more about preventing phishing incidents here. 

 

This protects your account against the current phishing incident, informs the Mews team and mitigates the potential impact. 

 

You can learn more about securing your Mews Operations user accounts here.