12 Replies Latest reply: Jul 17, 2013 1:37 PM by painedplatinum RSS

Security Email? Received July 16, 2013

bear4youth Silver
Currently Being Moderated

Just in case you also received an email telling you that your account information is currently secure, but a "small" number of other people's information was accessed, so you should click the link to change your password just in case...

 

This email MAY BE TRUE. I logged onto marriott.com, found the customer care number and called. They did send emails to "some" of their members. It is ALWAYS a good idea to type in the web address yourself, and NEVER click on links within emails that claim to be security related, or are asking for login and account information.

 

The email I received said:

"

Dear ________,

 

The security of your Marriott Rewards® member account is of the utmost importance to us. There have recently been attempts made to gain unauthorized access to a small number of members' online accounts. Although your account was not included in these attempts, as a precaution, we ask that you visit Marriott.com and change your password as soon as possible to assist us in ensuring the security of your account:

 

 

You will need to change your password on Marriott.com from your desktop since updates cannot be made from your mobile device.

 

Select a unique password, at least 8 characters long, that is not used with any other online account you may have.

 

Security experts urge that a more secure password contains a minimum of one capital letter and one number.

 

Our Data Privacy and Protection team has been working diligently to implement safeguards to block these attempts and maintain the ongoing security of all member accounts.

 

These types of online attacks become possible when individuals use the same email address and password combination for multiple online accounts. The email address and password combination becomes more susceptible to being collected via external sources and then used in an attempt to gain unauthorized access to other online accounts, such as your Marriott Rewards account.

 

If you have any questions, please call Marriott Rewards Guest Services at 800-952-8876 for assistance.

 

We take this matter very seriously as we have a long-standing commitment to protect the privacy of the personal information that our guests entrust to us. Thank you for your prompt attention to this important notice.

 

 

 

UPDATE PASSWORD NOW

 

 

 

Sincerely,

 

Marriott Rewards Guest Services

"

(For each location tag, you will be guided through a 3-step process to add (1) a city and a state or a city and a country, (2) a Marriott brand, and (3) a Marriott hotel.)

  • Re: Security Email? Received July 16, 2013
    erc Platinum
    Currently Being Moderated

    Good stuff, thank you for the heads up and good advice.

    (For each location tag, you will be guided through a 3-step process to add (1) a city and a state or a city and a country, (2) a Marriott brand, and (3) a Marriott hotel.)

  • Re: Security Email? Received July 16, 2013
    rmiii Platinum
    Currently Being Moderated

    I questioned if the email was a phishing attempt as the email calls for an 8 character password and the marriott site permits a 6 character password.

     

    Maybe the Community Manager can comment as it its validity and the need to change passwords.

    (For each location tag, you will be guided through a 3-step process to add (1) a city and a state or a city and a country, (2) a Marriott brand, and (3) a Marriott hotel.)

    • Re: Security Email? Received July 16, 2013
      painedplatinum Platinum 2 Reviews
      Currently Being Moderated

      My password is longer than 6 characters and has been since I first joined....15 yrs ago?

      (For each location tag, you will be guided through a 3-step process to add (1) a city and a state or a city and a country, (2) a Marriott brand, and (3) a Marriott hotel.)

  • Re: Security Email? Received July 16, 2013
    randomname Platinum 7 Reviews
    Currently Being Moderated

    I assumed it to be phishing.  The email address from which it came didn't look right, and the very long URL stream for every link in the email was the same.

    (For each location tag, you will be guided through a 3-step process to add (1) a city and a state or a city and a country, (2) a Marriott brand, and (3) a Marriott hotel.)

    • Re: Security Email? Received July 16, 2013
      bear4youth Silver
      Currently Being Moderated

      My email did not have the same URL for each link. From what I can gather on the internet, it looks like some emails are legitimate, and some are indeed phishing emails. As always, NEVER click on links within an email if you expect to enter your login or account information. ALWAYS go directly to the website yourself.

      (For each location tag, you will be guided through a 3-step process to add (1) a city and a state or a city and a country, (2) a Marriott brand, and (3) a Marriott hotel.)

  • Re: Security Email? Received July 16, 2013
    bear4youth Silver
    Currently Being Moderated

    Little more info. After doing some more research, it appears that there are both Legitimate and Phishing emails in circulation right now. NEVER click on links related to account information. ALWAYS go directly to the website to log in, change passwords, etc.

     

    Probably a good idea to change your password periodically anyway. Just be sure to go to Marriott.com directly and not via any links in emails.

    (For each location tag, you will be guided through a 3-step process to add (1) a city and a state or a city and a country, (2) a Marriott brand, and (3) a Marriott hotel.)

  • Re: Security Email? Received July 16, 2013
    bejacob Platinum 38 Reviews
    Currently Being Moderated

    Good info. I too went directly to the Marriott web site to find out more rather than click on the link. Whenever I am prompted to use a link to log in or change a password, I am suspicious.Better to be safe than sorry.

     

    Changing passwords frequently is a good security measure, but doing so because an email suggested it should raise a red flag.

    (For each location tag, you will be guided through a 3-step process to add (1) a city and a state or a city and a country, (2) a Marriott brand, and (3) a Marriott hotel.)

  • Re: Security Email? Received July 16, 2013
    poolplayer32091 Silver
    Currently Being Moderated

    I got the email and when I saw their reply email was to an "email.com" address, I call MR # on back of my card.  Since my name was used in greeting, I felt it might be legit but still called.

    The CSR said the email was legit and suggested I change my login to MR.  I changed to a number/ letter 9 digit PW that I use for membership reward sites.

    (For each location tag, you will be guided through a 3-step process to add (1) a city and a state or a city and a country, (2) a Marriott brand, and (3) a Marriott hotel.)

  • Re: Security Email? Received July 16, 2013
    NathalieF Community Manager Marriott Associate
    Currently Being Moderated

    As a few have mentioned, the email is legit and a little caution does go a long way. But for those that don't click the email links, you can sign directly into Marriott.com to change your password. And to improve security, you do have the option of passwords longer than 6 characters and we're recommending a minimum of an 8-character password.

    (For each location tag, you will be guided through a 3-step process to add (1) a city and a state or a city and a country, (2) a Marriott brand, and (3) a Marriott hotel.)

    • Re: Security Email? Received July 16, 2013
      verne Silver 1 Reviews
      Currently Being Moderated

      I received the e-mail warning and clicked onto the link that was within the e-mailed document. Well, I was blessed and the link was ligitament.

      However, I do agree that using causion is better than assuming the e-mail is ligitament.

      (For each location tag, you will be guided through a 3-step process to add (1) a city and a state or a city and a country, (2) a Marriott brand, and (3) a Marriott hotel.)

    • Re: Security Email? Received July 16, 2013
      erc Platinum
      Currently Being Moderated

      Thank you for responding on an issue of significance, I appreciate the peace of mind (especially coming after posts a few weeks back about points disappearing). As the champion of technological numbnuts, who doesn't know a URL from an Underwriters Laboratory, I was grateful for bear4youth's advice which came right around the time I received the e-mail. If not clicking on the link in an e-mail is sound advice (which it is) wouldn't it also be a sound practice for firms like Marriott to not include them in legitimate requests and instead direct us to marriott.com? (especially when, like posters noted above the password format was changed).  Please consider that in the future.

      (For each location tag, you will be guided through a 3-step process to add (1) a city and a state or a city and a country, (2) a Marriott brand, and (3) a Marriott hotel.)

      • Re: Security Email? Received July 16, 2013
        eb5147 Alumni Steward Platinum 7 Reviews
        Currently Being Moderated

        Isn't that the truth?  Any corp. messaging center should know better than that, especially when they know a scam is going on at the same time.  And then for them to say it might or might not be legit!!!  That alone shows the mentality of those in charge.  It's as if they've outsourced to a foreign country that has no business experience.

        (For each location tag, you will be guided through a 3-step process to add (1) a city and a state or a city and a country, (2) a Marriott brand, and (3) a Marriott hotel.)

More Like This

  • Retrieving data ...