Fraud at a Hampton Inn
Jun 14, 2021, 11:44 am
#1
Original Poster
Join Date: Feb 2000
Location: Columbia, SC
Programs: a little here, a little there
Posts: 1,443
Fraud at a Hampton Inn
Woke up (last week) to an automated text message from American Express notifying me of a charge at a Hampton Inn in another state (MO). I was at that time on vacation in a third state. Never been to this city/hotel before.
I called the Hampton Inn in question (found the reservation on my Hilton App under my account) and had the front desk look into it. Told them I had not authorized anything nor was I staying there.
While they were looking into it, I called American Express (my corporate card, which is linked in my HHonors profile) and opened a fraud case, cancelling the card and initiating a new card to be mailed to me. (Luckily I didn't have a business trip for the next week or so.)
Then I called the Hilton Diamond desk (well, that’s how I have it stored… not sure if I got the Diamond Desk) but after 30 minutes they gave me an additional case # and said they’d get back to me in 3-5 days. (I changed my Hilton account password also, just in case.)
Got an email back from the HI (despite me giving them my cell phone number, they had called my work number and of course, I wasn't there, so they emailed me). I called the Asst GM back… he apologized profusely, and said what he thought happened was someone called their hotel directly and made a reservation (using my name and HH number). And he stated for Golds and Diamonds, they don’t check ids. So the GM then went up to the room, knocked with no answer, so he let himself in – said the occupant looked “out of place”… anyway he told the guy that he needed to come to the front desk to verify (id or payment) but when the guy showed up to the desk and was questioned, he took off (had taken his stuff from room with him.)
So I’m good with $$ (hotel reversed the one night charge), but I have to get a new credit card, potentially get a new HH # (which sucks, as I’ve had this one for 25 years and have it memorized by now) and spent 3 hours dealing with this while on vacation.
TLDR: Make sure you are subscribed to text alerts for credit card charges so you can catch these things early.
(Post script – local hotel offered me some points, I countered with what I thought was more fair offer, they never responded formally but did deposit the points into my account.)
I called the Hampton Inn in question (found the reservation on my Hilton App under my account) and had the front desk look into it. Told them I had not authorized anything nor was I staying there.
While they were looking into it, I called American Express (my corporate card, which is linked in my HHonors profile) and opened a fraud case, cancelling the card and initiating a new card to be mailed to me. (Luckily I didn't have a business trip for the next week or so.)
Then I called the Hilton Diamond desk (well, that’s how I have it stored… not sure if I got the Diamond Desk) but after 30 minutes they gave me an additional case # and said they’d get back to me in 3-5 days. (I changed my Hilton account password also, just in case.)
Got an email back from the HI (despite me giving them my cell phone number, they had called my work number and of course, I wasn't there, so they emailed me). I called the Asst GM back… he apologized profusely, and said what he thought happened was someone called their hotel directly and made a reservation (using my name and HH number). And he stated for Golds and Diamonds, they don’t check ids. So the GM then went up to the room, knocked with no answer, so he let himself in – said the occupant looked “out of place”… anyway he told the guy that he needed to come to the front desk to verify (id or payment) but when the guy showed up to the desk and was questioned, he took off (had taken his stuff from room with him.)
So I’m good with $$ (hotel reversed the one night charge), but I have to get a new credit card, potentially get a new HH # (which sucks, as I’ve had this one for 25 years and have it memorized by now) and spent 3 hours dealing with this while on vacation.
TLDR: Make sure you are subscribed to text alerts for credit card charges so you can catch these things early.
(Post script – local hotel offered me some points, I countered with what I thought was more fair offer, they never responded formally but did deposit the points into my account.)
Jun 15, 2021, 1:40 am
#2
FlyerTalk Evangelist
Join Date: Aug 2011
Location: Barcelona, London, on a plane
Programs: BA Silver, TK E+, AA PP, Hyatt Globalist, Marriott LT Plat, Hilton Diamond
Posts: 13,050
Someone knowing your name and Honors number could easily have access to your computer via a virus or something.
Alternatively you've been lax with throwing away hotel receipts, etc. with lots of personal details printed on them.
I'm glad this situation seems to have been resolved quickly and satisfactorily, but I suspect that it might repeat itself unless you can figure out where the info leaked from.
Alternatively you've been lax with throwing away hotel receipts, etc. with lots of personal details printed on them.
I'm glad this situation seems to have been resolved quickly and satisfactorily, but I suspect that it might repeat itself unless you can figure out where the info leaked from.
Jun 15, 2021, 7:40 am
#3
Join Date: Feb 2005
Location: CLE, DCA, and 30k feet
Programs: Honors LT Diamond; United 1K; Hertz PC
Posts: 4,165
Someone knowing your name and Honors number could easily have access to your computer via a virus or something.
Alternatively you've been lax with throwing away hotel receipts, etc. with lots of personal details printed on them.
I'm glad this situation seems to have been resolved quickly and satisfactorily, but I suspect that it might repeat itself unless you can figure out where the info leaked from.
Alternatively you've been lax with throwing away hotel receipts, etc. with lots of personal details printed on them.
I'm glad this situation seems to have been resolved quickly and satisfactorily, but I suspect that it might repeat itself unless you can figure out where the info leaked from.
I have the opposite "problem" -- a very unique name combination [unusual first name [hint: see username], hyphenated last name (only one on the planet since my mother reverted to her maiden name) with the 2nd part of the surname being maybe a dozen of us in the world, and I can trace my relationship to all but one of them... On a few occassions over the year I've been chatting with bored front desk agents who have searched and confirmed that I'm still the only one of me with a Honors account...
Jun 15, 2021, 7:43 am
#4
Join Date: Feb 2013
Location: DCA
Posts: 7,769
It is scary how little validation hotels do on guests in the U.S.. Just this past weekend I was at a property and, while in my room, a second set of keys was made and given to a new guest (who summarily, of course, burst into my room). In the morning, my existing keys didn't of course work because they had been overwritten for the new guy, so I had to get myself a set of new ones. And even after hearing this story, the agent just popped me out the new keys without even checking any form of identification.
Now, checking into hotels in Europe and Asia...I've purchased cars with fewer checks and confirmations, lol.
Now, checking into hotels in Europe and Asia...I've purchased cars with fewer checks and confirmations, lol.
Jun 15, 2021, 8:09 am
#5
Join Date: Feb 2005
Location: CLE, DCA, and 30k feet
Programs: Honors LT Diamond; United 1K; Hertz PC
Posts: 4,165
A lot of emphasis has been placed on "hospitability" and a low-friction experience. I think the rationale is that asking a guest to prove themselves is both inhospitable ("you don't trust me!?!") and relatively high friction ("OMG, I have to dig my wallet out to get an ID and credit card?!? That's way too much effort! Can't you see I just want to crawl into my bed?" ) -- I've never really had an issue with either, and have found it alarming when hotels have cut new keys for rooms without a shred of verification to the point where I've gone out of my way to have a conversation with the agent and/or management about why it concerns me.
Of course golds/diamonds are both at highest risk for being breached due to number of contact points and also the group Hilton wants to make as low-friction as possible -- I still remember checking in at an Embassy Suites in Orlando maybe 8-10 years ago when the FDA refused to look at my ID "Oh, no, Corporate says we aren't allowed to check ID for Diamonds anymore" -- I thought it was one of the most absurd things I had heard and am thankful to see that messaging has been walked back over the years to the point where I think the policy has been completely abandoned. Of course, with Digital Key anyone with your Honors credentials could in theory book a room, check in, etc. without ever making contact with another human, let alone hotel employee, on the property... I've done it a couple times and it's a little creepy.
On the flip side, the lack of verification has worked in my favor: A few years ago I was in Richmond on a business trip with one of my favorite clients. I wasn't feeling well -- thought maybe it was a cold or the flu and excused myself for the day -- but after a couple really awful days I wound up driving myself to an ER where i was told I was within about 48-72 hours of death (yay?). When it became clear I would be in the hospital for a bit, I booked my wife a ticket out to be with me -- she picked up my rental car from the hospital parking lot, went to the hotel asked for a key for "LincolnJKC in room XXX" -- was given one with no questions asked, packed up the room, checked me out, and then met me at the hospital I had been transferred to.
Given she and I have completely different surnames, she wasn't listed as a guest on the room, my physical address on Honors is the office, etc. -- had the hotel verified anything it would have been very awkward.
Of course golds/diamonds are both at highest risk for being breached due to number of contact points and also the group Hilton wants to make as low-friction as possible -- I still remember checking in at an Embassy Suites in Orlando maybe 8-10 years ago when the FDA refused to look at my ID "Oh, no, Corporate says we aren't allowed to check ID for Diamonds anymore" -- I thought it was one of the most absurd things I had heard and am thankful to see that messaging has been walked back over the years to the point where I think the policy has been completely abandoned. Of course, with Digital Key anyone with your Honors credentials could in theory book a room, check in, etc. without ever making contact with another human, let alone hotel employee, on the property... I've done it a couple times and it's a little creepy.
On the flip side, the lack of verification has worked in my favor: A few years ago I was in Richmond on a business trip with one of my favorite clients. I wasn't feeling well -- thought maybe it was a cold or the flu and excused myself for the day -- but after a couple really awful days I wound up driving myself to an ER where i was told I was within about 48-72 hours of death (yay?). When it became clear I would be in the hospital for a bit, I booked my wife a ticket out to be with me -- she picked up my rental car from the hospital parking lot, went to the hotel asked for a key for "LincolnJKC in room XXX" -- was given one with no questions asked, packed up the room, checked me out, and then met me at the hospital I had been transferred to.
Given she and I have completely different surnames, she wasn't listed as a guest on the room, my physical address on Honors is the office, etc. -- had the hotel verified anything it would have been very awkward.
Jun 15, 2021, 8:21 am
#6
Original Poster
Join Date: Feb 2000
Location: Columbia, SC
Programs: a little here, a little there
Posts: 1,443
Appreciate the response.
As for being lax with paperwork, I never get paper folios anymore... and my computer is virus-free. There's always a possibility that I let something slip, but I really wonder if it was something of an inside-job (someone got my info from an employee).
Looking at what actually happened (an individual, not sure for what purposed, but renting a $65 Hampton Inn in the middle of Missouri), I'm not sure their motive or where they may have gotten the information, as I never have stayed at that hotel, or the city in question.
My bigger issue is that a hotel would allow someone to reserve a room and charge the card on file, with them only giving a name and Hhonors number, no ID nor showing the credit card.
As for being lax with paperwork, I never get paper folios anymore... and my computer is virus-free. There's always a possibility that I let something slip, but I really wonder if it was something of an inside-job (someone got my info from an employee).
Looking at what actually happened (an individual, not sure for what purposed, but renting a $65 Hampton Inn in the middle of Missouri), I'm not sure their motive or where they may have gotten the information, as I never have stayed at that hotel, or the city in question.
My bigger issue is that a hotel would allow someone to reserve a room and charge the card on file, with them only giving a name and Hhonors number, no ID nor showing the credit card.
Jun 15, 2021, 8:50 am
#7
Join Date: Aug 2011
Location: Makati City, Philippines
Programs: Delta Skymiles DM, CX GO, Hilton Honors Diamond
Posts: 1,361
I would hope the hotel would have also called the police. One would think there would by several CCTV cameras in the lobby and near the elevators that may help to identify the man who did this. This person must have done this more than once to be able to be so comfortable to actually stay in the room, and then quickly sneak out once it was realized what he was doing. As an aside, I wonder if you could get the points and stay credit for HH? Ha Ha
Jun 15, 2021, 10:04 am
#8
A FlyerTalk Posting Legend
Join Date: Apr 2013
Location: PHX
Programs: AS 75K; UA 1MM; Hyatt Globalist; Marriott LTP; Hilton Diamond (Aspire)
Posts: 56,470
Jun 15, 2021, 10:37 am
#9
Original Poster
Join Date: Feb 2000
Location: Columbia, SC
Programs: a little here, a little there
Posts: 1,443
Well, I know I'll never complain about having to show ID or swipe a card!
Since I know how he booked (phone), I'm pretty sure my HH account/password was never compromised, although I changed my password and credit cards just in case. So he couldn't have a digital key (since he couldn't log on via the app without my password.)
I'm leaning towards a local, who got my name/number from someone who worked at the hotel, and booked a room for a week to see what he could get away with... don't want to even think about what purposes he could have used the room for.
Since I know how he booked (phone), I'm pretty sure my HH account/password was never compromised, although I changed my password and credit cards just in case. So he couldn't have a digital key (since he couldn't log on via the app without my password.)
I'm leaning towards a local, who got my name/number from someone who worked at the hotel, and booked a room for a week to see what he could get away with... don't want to even think about what purposes he could have used the room for.
Jun 15, 2021, 10:47 am
#10
Join Date: Feb 2013
Location: DCA
Posts: 7,769
Well, I'm not one of those diamonds, and I'm sure the first time a property had to deal with a major incident after it compromised a guest's security, it would reconsider its policies.
Jun 15, 2021, 10:52 am
#11
Join Date: Dec 2011
Location: BRS
Programs: BA Gold, Hilton Diamond
Posts: 4,995
Well, I know I'll never complain about having to show ID or swipe a card!
Since I know how he booked (phone), I'm pretty sure my HH account/password was never compromised, although I changed my password and credit cards just in case. So he couldn't have a digital key (since he couldn't log on via the app without my password.)
I'm leaning towards a local, who got my name/number from someone who worked at the hotel, and booked a room for a week to see what he could get away with... don't want to even think about what purposes he could have used the room for.
Since I know how he booked (phone), I'm pretty sure my HH account/password was never compromised, although I changed my password and credit cards just in case. So he couldn't have a digital key (since he couldn't log on via the app without my password.)
I'm leaning towards a local, who got my name/number from someone who worked at the hotel, and booked a room for a week to see what he could get away with... don't want to even think about what purposes he could have used the room for.
Jun 15, 2021, 11:05 am
#12
Original Poster
Join Date: Feb 2000
Location: Columbia, SC
Programs: a little here, a little there
Posts: 1,443
I was able to discover this both from the charge coming through on my credit card, and immediately after I checked my Honors account, which showed the reservation (and conveniently gave me the name and phone number for the hotel.)
Jun 15, 2021, 9:18 pm
#13
Join Date: Mar 2008
Location: Fort Lauderdale, FL
Posts: 3,360
I still remember checking in at an Embassy Suites in Orlando maybe 8-10 years ago when the FDA refused to look at my ID "Oh, no, Corporate says we aren't allowed to check ID for Diamonds anymore" -- I thought it was one of the most absurd things I had heard and am thankful to see that messaging has been walked back over the years to the point where I think the policy has been completely abandoned.
Or, the hotel employee/manager gets updated on a new policy (which comes from the franchise owner/operator) and they blatantly lie to guests and say it's from Hilton Corporate because that makes the hotel look like they aren't the bad guys.
Jun 15, 2021, 9:48 pm
#14
Join Date: Feb 2005
Location: CLE, DCA, and 30k feet
Programs: Honors LT Diamond; United 1K; Hertz PC
Posts: 4,165
FYI: Many times when hotel employees say "Corporate", they are referring to the corporate office of the company that owns/runs the franchise. They are not referring to Hilton Corporate.
Or, the hotel employee/manager gets updated on a new policy (which comes from the franchise owner/operator) and they blatantly lie to guests and say it's from Hilton Corporate because that makes the hotel look like they aren't the bad guys.
Or, the hotel employee/manager gets updated on a new policy (which comes from the franchise owner/operator) and they blatantly lie to guests and say it's from Hilton Corporate because that makes the hotel look like they aren't the bad guys.