‘GMA’ Investigates 4 Hotels Scams This Holiday Season

— -- Before you check in to your hotel this holiday season, there are four serious hotel scams you need to know about.

The first: the pizza flier scam. Authorities say thieves create fake pizza fliers and slide them under the door of people’s hotel room. If people call the number on that flier and give out their credit card number, the number is stolen.

People are advised to make sure the restaurant advertising on the flier is legitimate.

“The big trick there, don’t pay in advance,” Consumer Reports’ Anthony Giorgianni told “GMA” Investigates.

The second scam is the front desk phone call, where a hotel guest will receive a call purporting to be someone at the hotel’s front desk. The caller will say the hotel’s system broke down and they lost the guest’s credit card information, and then the fake hotel worker will ask the guest for his or her credit card number.

Stephanie Capretto says she received one of those calls while she was traveling for work.

“It was a man on the line saying that he was a hotel employee and due to the … electrical storm the night before, they had lost all of my information because the system went down because of the power outage,” she said.

Capretto started to give out her personal information, but then she stopped.

“I heard the phone ring in the next room so I figured at that point that there was something fishy going on,” she told ABC News.

If someone receives such a phone call, a good way to avoid a potential scam is to go to the front desk in person to resolve any issue.

“Absolutely, go down talk to them. Make sure that’s who it is,” Consumer Reports’ Giorgianni said.

For the next two schemes, Dave Porcello, the founder of Boston-based cybersecurity firm Pwnie Express, showed ABC News how hackers look to attack.

In one example, Porcello set up a fake Wi-Fi spot and named it “hotel guest Wi-Fi.”

When ABC News correspondent Paula Faris connected to Porcello’s network, he could see everything she did, including every site she visited. Porcello could have seen her email passwords, credit card information, Social Security number and any other sensitive information she typed in.

To avoid the fake Wi-Fi trap, Porcello said, travelers should ask the front desk which Wi-Fi spot belongs to their hotel.Finally, for people who may use their hotel’s business centers, Porcello had a warning about an innocuous-looking device called a key logger.

The small device, which typically looks like a standard-size USB, can be plugged into a computer to record every button that’s pushed by a user.

“So obviously that would include credit card numbers, passwords, usernames,” Porcello said.

In a statement, the American Hotel and Lodging Association said: “The hospitality industry is vigilant in attempting to identify and prevent dishonest activities,” and it urged travelers to “remain vigilant … and always err on the side of caution.”