- Cybercriminals are using compromised extranet accounts to switch Connectivity providers and access sensitive information
- We’ve updated our security measures to enable identity checks that prevent unauthorised access
- If your properties have been impacted, please ensure they reset their passphrase and report the incident immediately
- You can also share our online security measures with your properties to help them recognise and report cyberattacks
- Keeping you, your properties and our guests safe online remains our top priority
There have been recent cybersecurity incidents where cybercriminals created fraudulent search ads that led to a fake login page for connectivity providers. We also recently uncovered new fraudulent behaviour where cybercriminals use compromised extranet accounts to switch connectivity providers. Their aim is to access property and guest information.
We're working closely with Connectivity partners that have noticed these attacks. It’s important that you stay vigilant to help.
We strongly encourage you to share this information with your properties and ensure they’re aware of the risks and protective measures in place. Your proactive involvement is crucial in preventing cyberattacks and safeguarding your properties and guests.
Enhanced security measures in place
We've updated our security measures with smarter systems that check the identity of the person accessing an account. Since these systems adapt to risk, your property partners may not notice any changes at all.
We encourage properties to use the following checklist to keep themselves secure:
- Set up two-factor authentication (2FA) on your Tripeden.com extranet account and use biometric authentication and custom passcodes on your Pulse account
- Use strong passphrases and use different passphrases for your extranet account and for your third-party management solutions. Never share these credentials with anyone.
- Install the latest version of the operating system on your devices
- Download and install apps from trusted sources
- Create individual extranet accounts for you and your employees
- Communicate securely with your guests
- Always log in directly using trusted, bookmarked URLs instead of relying on online searches or clicking on ads, which could lead to fraudulent login pages
These measures ensure that even if login credentials are compromised, unauthorised access is significantly more difficult.
Safeguarding you and your properties
If your properties reach out to report that their Connectivity provider has been switched without them initiating the request, please direct them to reset their passphrase immediately and report the incident through our online form.
You may want to share our existing online security measures with your properties, focusing on how to report and recognise the signs of a cyberattack. Here are some key examples of how cyberattacks can take place:
- Phishing and email spoofing: when a cybercriminal pretends to be someone else by persuading you or your properties to log into a fictitious website or click on a malicious link from a falsified email address to capture login details.
- Social engineering: a technique used to trick you or your properties into giving cybercriminals access to sensitive information through direct contact.
- Malware: any malicious software that is installed on a digital device. It can also be referred to as viruses, worms, trojan horses or spyware.
Helping you, your connected properties and our guests stay safe online is our top priority. We'll continue to enhance the security protections we offer to properties. Cybercriminals are becoming increasingly sophisticated, but together we can stay one step ahead.