IHG: I don't think I got scammed but maybe

[SecondAttempt]

I got an email yesterday informing me I had changed my email address on IGH.com (International Hotels Group = Holiday Inn, Crown Plaza, Intercontinental Hotels, etc.). I immediately logged in and saw my email address had been changed. I changed it back, changed my password, and investigated further. Someone had booked a room in Chicago using MY point and had already checked in. I called IHG security but they were off for the weekend (truly pathetic). Regular support got my call but could not do much except say they will resolve withing 24-78 hours. Terrible customer support from India! I have a good feeling this will be resolved but still...

 

[audreyh1]

Wow, bummer!

At least you got notified.

 

[Retired Expat]

I got an email yesterday informing me I had changed my email address on IGH.com (International Hotels Group = Holiday Inn, Crown Plaza, Intercontinental Hotels, etc.). I immediately logged in and saw my email address had been changed. I changed it back, changed my password, and investigated further. Someone had booked a room in Chicago using MY point and had already checked in. I called IHG security but they were off for the weekend (truly pathetic). Regular support got my call but could not do much except say they will resolve withing 24-78 hours. Terrible customer support from India! I have a good feeling this will be resolved but still...

Funny you didn’t get an email confirmation of the booking? Although you need to be careful with those email confirmations of transactions as many are scams trying to get you to click on a link!

 

[dixonge]

I got an email yesterday informing me I had changed my email address on IGH.com (International Hotels Group = Holiday Inn, Crown Plaza, Intercontinental Hotels, etc.). I immediately logged in and saw my email address had been changed.

The question is -- HOW did you log in?

Did you click the link in the email itself? If so, *THAT* might actually be the hack. It's called 'phishing' - If you followed the link in the email, it might have taken you to a fake site pretending to be IHG. At which point you then gave the hackers your existing password. After that, they can take over your account.

If you logged in by going to a bookmark or typing in the URL manually then it's not phishing, but you have to wonder how someone got into your account to begin with...

 

[MdaPetralia]

I got an email yesterday informing me I had changed my email address on IGH.com (International Hotels Group = Holiday Inn, Crown Plaza, Intercontinental Hotels, etc.). I immediately logged in and saw my email address had been changed.

I recall hearing IGH.com experiencing data breach(es). Were you not notified to change your email address and password?

Also, how did you log in to your account after you got the email re: your email address was changed? Thinking the hacker would have changed the password, no?

Funny you didn’t get an email confirmation of the booking?

Not if hacker changed email before booking.

 

[SecondAttempt]

The question is -- HOW did you log in?

Did you click the link in the email itself? If so, *THAT* might actually be the hack. It's called 'phishing' - If you followed the link in the email, it might have taken you to a fake site pretending to be IHG. At which point you then gave the hackers your existing password. After that, they can take over your account.

If you logged in by going to a bookmark or typing in the URL manually then it's not phishing, but you have to wonder how someone got into your account to begin with...

No, I'm not that dumb.

 

[Jerry1]

No, I'm not that dumb.

Okay, but it is still interesting that you got into your account after the email was changed. Any idea how that was possible?

 

[dmpi]

What was you email address changed to? That should tell you a lot.

 

[Sunset]

I would have phoned the hotel as well, since hotels are usually (always?) privately owned and just pay a fee to use the "name brand" of IGH or others..

Seems like the hotel staff would at least have some ability to phone someone once they realized they were not going to end up getting paid for the room. Sort of like if they were notified a credit card was bad.

Wondering, how did it turn out ?

 

[Aerides]

it is still interesting that you got into your account after the email was changed. Any idea how that was possible?

My login for my hotel account (different one) has a user name and password - my email is not part of my sign in credentials, so if that wasn't changed, just the email, I would still be able to log in.

 

[Mark1]

I just checked DW's IHG account and it requested a password update prior to allowing entry. Based on my record keeping, I'm guessing this is the only password update on this account within the past 15 years. Looks like IHG might have had a security breech. .

 

[SecondAttempt]

What was you email address changed to? That should tell you a lot.

It was changed to xx.xxxyyy@gmail.com where xx is my first name, xxx is my last name, and yyy is a 3 digit number. So they had my real name and presumably an ID in my name.

Update: IHG was great. They returned my points to my account, required I change my password (which I had already done) and even gave me the points the losers got for check-in bonus.

I wish I knew what happened to the a$$holes who did this but I will never know.

 

[SecondAttempt]

Okay, but it is still interesting that you got into your account after the email was changed. Any idea how that was possible?

I don't think they got into the account after the email was changed. As soon as I got notification of the email changed I logged in and changed it back but that was about 2 hours later.

 

[SecondAttempt]

I would have phoned the hotel as well, since hotels are usually (always?) privately owned and just pay a fee to use the "name brand" of IGH or others..

Seems like the hotel staff would at least have some ability to phone someone once they realized they were not going to end up getting paid for the room. Sort of like if they were notified a credit card was bad.

Wondering, how did it turn out ?

I thought about calling the hotel. I fantasized about big burly guys pounding on the door then opening it and screaming "Get the f on the floor, now" and scaring the crap out of them. But is was a Crown Plaza so security is probably some college student and they don't confront anyone.

But through leakage on the IHG site I did see that they ended up paying about $200. I was made whole plus their welcome points so all good.

 

[Jerry1]

Seems odd that someone would hack your account and only change the email address and not the password (which therefore allowed you to still log in). There may be something else going on here. Just a thought - maybe someone booked into the hotel by using your information at the front desk and it was the employee that changed your address. So, not actually getting into your account. Of course, still a scam but not a hack of your account. Maybe an employee was trying to get a friend a good deal on a room by using your points.

 

[latexman]

I just logged into my IHG App and it was normal. They didn't ask for any password change.

 

[ArmchairMillionaire]

I got an email yesterday informing me I had changed my email address on IGH.com (International Hotels Group = Holiday Inn, Crown Plaza, Intercontinental Hotels, etc.). I immediately logged in and saw my email address had been changed. I changed it back, changed my password, and investigated further. Someone had booked a room in Chicago using MY point and had already checked in. I called IHG security but they were off for the weekend (truly pathetic). Regular support got my call but could not do much except say they will resolve withing 24-78 hours. Terrible customer support from India! I have a good feeling this will be resolved but still...

I do not have the IHG app, but I had the same thing happen to me. Twice. They told me I should get a new e-mail address but the one I've had for years is tied to so many things I am reluctant to start life over with a new e-mail. I suspect my e-mail address is out there on some list available to hackers and IHG had some kind of vulnerability with their accounts. After the 2nd time of someone trying to book hotels in cities I was not planning to visit, I changed all my passwords that I could think of, including IHG.
As a bonus, IHG was very apologetic. Not only did they cancel the fraudulent activity (it was still a week away, thankfully) and re-instate all my points, they also awarded me 40K bonus points for my inconvenience. Of course, nowadays it's hard to find a room for less than 22.5K points so that bonus won't even cover one night away (2 rooms) for us but at least it was something.

 

[SecondAttempt]

Seems odd that someone would hack your account and only change the email address and not the password (which therefore allowed you to still log in). There may be something else going on here. Just a thought - maybe someone booked into the hotel by using your information at the front desk and it was the employee that changed your address. So, not actually getting into your account. Of course, still a scam but not a hack of your account. Maybe an employee was trying to get a friend a good deal on a room by using your points.

That occurred to me as well. It COULD be an innocent error but I find that unlikely. I'm just happy that IHG resolved it quickly and in my favor because I have an upcoming stay that could have been affected but now appears fine. We'll see when I get there. If they want 10 forms of ID and a pint of blood for deposit I really won't be that offended after this incident.

 

[audreyh1]

I went ahead and updated my login credentials. I rarely use this account and don’t have points worth stealing.

My login name is my member number. Maybe I can change that too. - Don’t see that option.

 

[SecondAttempt]

I went ahead and updated my login credentials. I rarely use this account and don’t have points worth stealing.

My login name is my member number. Maybe I can change that too. - Don’t see that option.

Yes, for those who questioned how I could log in after my email address was changed...I used my member number.

I am otherwise pretty careful but the password I had on the account was one compromised years ago. I was not concerned because I don't use my email address in combination with the compromised password to access IHG. But, the fact that it is an option probably gave them their in.

This is the first time I have been personally hacked. Like most people I have had my data compromised by breaches including by the US government. That one remains my biggest concern since it involved my SF86 form being leaked which is for national security purposes and includes some very detailed and personal information. They ask about everything immoral or illegal you have done since childhood. Fortunately the list was short for me. (But when I visit China, Chinese customs knows I had a top secret security clearance!)