Guests are receiving phishing WhatsApp messages | 2026-07-04

We know about a phishing scam where bad actors launch fake sign-in pages to steal account credentials. They use compromised accounts to send fraudulent WhatsApp messages to guests. These deceptive messages often contain links asking guests to "confirm reservations" or verify account details.

If you or your team accessed Guesty through these fake sites or inadvertently shared account credentials or Multi-Factor Authentication (MFA) codes, bad actors retain access to your account. Since these interactions happen outside of our platform, protecting your account requires immediate action. Until this is resolved, we recommend following these steps:

  • Update your account password to a strong, unique alternative.
  • Revoke existing sessions and reconfigure your MFA settings to lock out unauthorized users.
  • Check your recent reservations and account changes for unauthorized adjustments.

Please remain vigilant and never share MFA codes or passwords via messaging apps. We apologize for the inconvenience and appreciate your patience as we work to resolve this issue.

Was this article helpful?
0 out of 0 found this helpful