Security awareness ยท June 2026

Phishing attacks are targeting
the hospitality industry

Including YCS customers โ€” read what this means for your property
๐Ÿ”’
YCS
YCS Security Team
Yanolja Cloud Solution

Hi community,

Phishing is a type of cyberattack where criminals impersonate a trusted source โ€” a hotel, a booking platform, or a payment service โ€” to trick people into clicking fake links or sharing sensitive information such as card details or login credentials.

An active, coordinated phishing campaign is currently targeting hotels, guests, and booking systems across the global hospitality industry. Attackers are sending WhatsApp messages and emails to guests that appear to come from their hotel. These messages reference real booking details โ€” name, hotel, stay dates โ€” and ask guests to verify their payment through a fake link. The details look real because they are: attackers have accessed hotel systems to obtain them.

Correct this to This is an industry-wide attack. Booking.com, and several other major platforms have publicly confirmed they are affected by the same campaign. YCS customers are among those impacted.

The full advisory covers
Who is behind this attack and how it operates
How attacker tactics have evolved and what's changed recently
Every action YCS has taken to protect your platform and data
Known phishing domains and indicators of compromise
Security steps your property can take right now
Guest communication templates to raise awareness at your property
What to do if you believe your account has been compromised
For security reasons, the full advisory is accessible to YCS customers only through our community portal. This ensures detailed threat information โ€” including indicators of compromise and mitigation steps โ€” does not reach the wrong hands.

Log in to the YCS community to read the full advisory and recommended actions.

Read the full advisory โ†’
Not a YCS customer? Contact our support team