Thousands of euros in customer deposits stolen via remote access and trojans in Menaggio
A high-end scam in the heart of Italian elegance
In Menaggio, where opulence meets serenity, a series of cyber scams have struck luxury hotels relying on high-end reservation platforms. These platforms guarantee customer solvency by requesting virtual deposits at booking. But now, these same tools have become the entry point for digital criminals.
The fraud starts with a convincing phone call: someone poses as a technician for the reservation software, claiming to perform urgent maintenance. The hotel staff, wanting to comply, allows remote access to their systems. That’s when the real heist begins.
Trojan malware and disappearing deposits
Once inside, the attackers silently install a trojan, a type of malware that grants them ongoing access to the hotel’s IT systems. Their goal? To intercept virtual deposits made by guests—usually international clients booking luxury stays—before final payment is due at check-out.
These advance payments, designed to prevent no-shows or damage, have turned into a prime target for cybercriminals.
First victims and the police investigation
At least two high-end hotels in the Lake Como area have reported losses between €5,000 and €30,000 per single reservation. The attackers exploit hotel management platforms that bundle booking, accounting, and payments in one system.
The Postal Police of Como is investigating, aiming to identify the origin of the calls, trace the trojan’s distribution channel, and follow the money trail, likely routed through foreign accounts or cryptocurrency platforms.
The real cost of ignoring cybersecurity in luxury tourism
This case serves as a wake-up call. While luxury hotels invest heavily in service and image, cybersecurity often lags behind. Outdated software, weak passwords, and lack of staff training create the perfect environment for exploitation.
To prevent similar attacks, hotels must:
- update all management software regularly
- train staff to resist social engineering tactics
- install professional antivirus and endpoint detection systems (EDR)
- enforce multi-factor authentication and secure VPN usage
Lake Como’s timeless glamour, now facing modern threats
The glitz of Lake Como—beloved by celebrities and magnates—now faces a new kind of visitor: tech-savvy criminals who know exactly where and how to strike. They don’t climb through windows or break into safes. They enter through a call, and walk away with thousands—virtually.
FAQ (EN)
1. What exactly happened in Menaggio hotels?
Cybercriminals tricked hotel staff into granting remote access and installed trojans to steal customer deposits.
2. How does this scam work?
Fraudsters impersonate software technicians, gain remote access, and install malware to intercept payments.
3. Which hotels were affected?
Two unnamed luxury hotels on Lake Como have reported incidents.
4. How much money was stolen?
Between €5,000 and €30,000 per booking.
5. What type of malware was used?
A trojan, which silently monitors systems and extracts sensitive data.
6. Who is investigating the case?
The Postal Police of Como is leading the investigation.
7. How can such scams be prevented?
Through software updates, staff training, antivirus tools, and secure access protocols.
8. Is this part of a broader campaign?
Possibly. Similar tactics have been seen in the tourism and hospitality sector worldwide.
9. What can guests do to protect themselves?
Use secure payment methods and verify hotel communication channels.
10. What should hotels do now?
Audit their systems, train their teams, and report any suspicious activity to the authorities.
Leave a Reply