In an unusual move, phishers have targeted the membership scheme for Hilton Hotels rather than a traditional banking or auction site.
Professional-looking emails have been spammed out over the last few days asking members of the Hilton Hhonors scheme to reregister their details. Credit card details are also requested by the site, which is hosted in Romania.
"It's the first time the Hilton has been targeted," said Mark Murtagh, technical director at web-filtering company Websense.
"People have got wiser about bank phishing and this indicates a new approach. I predict we'll see airlines, car-rental companies and other commercial concerns attacked as phishers look for alternative ways to get bank details."
Murtagh pointed out that the increased use of one-click shopping systems, which store banking details on sites automatically to stop users having to re-enter data, is a new vector of attack and one consumers are less informed about.
Kicking Palantir off of AWS is among their demands, too
Rafaela Vasquez was watching The Voice at the time of the crash, new evidence shows
PUBG price slashed on Steam after selling more than 50 million copies - as daily player numbers plunge
Use the same password for every website? It might be time to change them all