Brighton Top 10 Hotels — Email Security Scores
April 9, 2025
Assessing Email Security for the Brighton Top 10 Hotels
As part of our Brighton email security investigation in the hospitality sector, we assessed The Brighton Top 10 hotels (as per Tripadvisor) to analyse their email security. Despite the city’s thriving hospitality scene, its cyber security standards may not be up to par.
As hotels increasingly rely on digital communication for bookings, guest services, and marketing, securing email practices becomes crucial.
Beyond security, poor email authentication can impact deliverability—important messages like booking confirmations, receipts, and check-in details may never reach guests’ inboxes. Proper email security not only protects against phishing but also ensures reliable communication, enhancing the guest experience.
With rising cyber threats, secure email practices are essential to protecting both businesses and guests. A key safeguard is Domain-based Message Authentication, Reporting & Conformance (DMARC), which builds on SPF and DKIM standards. It allows domain owners to define email authentication policies and instruct receiving servers on handling failed messages, reducing phishing risks.
Our evaluation reveals gaps in Brighton’s email security that could expose customers to phishing attacks and identity theft. While these hotels offer excellent stays, travelers should remain vigilant about digital security when booking and communicating online.
The risk levels by which we ranked each hotel’s domain:
High Risk Level (0-32%)
A high-risk domain has severe vulnerabilities in SPF, DKIM, and DMARC, making it highly susceptible to email impersonation and phishing attacks. Immediate corrective action is essential to improve security.
Medium Risk Level (33-66%)
Domains in this category exhibit significant SPF, DKIM, and DMARC issues, increasing the risk of email spoofing. Timely resolution is strongly recommended to improve overall email protection and domain integrity.
Low Risk Level (67-100%)
Domains at this level have minimal security risks, with little to no authentication issues, providing strong protection against email threats. Regular monitoring is still recommended to mitigate emerging risks.
Domain Scores of Brighton’s Top 10 Hotels
Photograph: Google Street View
1. Square Townhouse
4 New Steine, Kemptown, Brighton and Hove, BN2 1PB squaretownhouse.comSquare Townhouse is Brighton’s top boutique hotel, known for its seamless mix of historic charm and contemporary luxury.- SPF: Square Townhouse’s SPF record uses ‘-all’, which may cause issues with email deliverability.
- DMARC: No DMARC record found.
- DKIM: There is no DKIM record, so email servers are more likely to flag their emails as spam, as the lack of authentication reduces the ability to verify the email’s authenticity.
%
DOMAIN SECURITY SCORE
Photograph: Google Street View
2. Hotel Pelirocco
10 Regency Square, Brighton and Hove, BN1 2FG
hotelpelirocco.co.uk
Hotel Pelirocco is Brighton’s iconic boutique hotel, celebrated for its eclectic mix of retro charm and modern flair. Just steps from the seafront, it boasts uniquely themed rooms, each full of personality.
- SPF: Hotel Pelirocco’s SPF record uses ‘-all’, which may cause issues with email deliverability.
- DMARC: The domain has no DMARC policy, making it vulnerable to email spoofing. Implementing a strong DMARC policy would help block or filter malicious emails.
- DKIM: DKIM appears to be incomplete. Ensure that it is properly configured.
%
DOMAIN SECURITY SCORE
Photograph: Google Street View
3. A Room With A View
41 Marine Parade, Kemptown, Brighton and Hove, BN2 1PE
aroomwithaviewbrighton.com
A Room With A View is a stylish boutique hotel on Brighton’s seafront, offering stunning sea views and modern rooms.
- SPF: The SPF record uses ‘-all’, which may cause issues with email deliverability.
- DMARC: No DMARC record was found, leaving the domain vulnerable to spoofing and phishing attacks. Implementing a strong DMARC policy would help block or filter fake emails.
- DKIM: DKIM appears to be incomplete. Ensure that it is properly configured.
%
DOMAIN SECURITY SCORE
Photograph: Google Street View
4. Blanch House
17 Atlingworth St, Kemptown, Brighton and Hove, BN2 1PL blanchhouse.co.ukBlanch House is a stylish boutique hotel in Brighton’s lively Kemptown, featuring elegantly designed rooms with a mix of modern and vintage charm.
- SPF: The SPF record contains two separate SPF records, which is incorrect. There should be one SPF record per domain.
- DMARC: The DMARC policy is ‘reject’, which is ideal.
- DKIM: Blanch House currently has only one selector instead of the recommended two, and there is no DKIM record for Office 365, which should be added for proper authentication.
%
DOMAIN SECURITY SCORE
Photograph: Google Street View
5. Hotel Una
55-56 Regency Square, Brighton and Hove, BN1 2FF hotel-una.co.ukHotel Una is a contemporary boutique hotel in Brighton, offering beautifully designed rooms with a focus on luxury and comfort.- SPF: No SPF record was found for the root domain. Implementing an SPF record is essential to prevent unauthorised email spoofing.
- DMARC: No DMARC record was found, leaving the domain vulnerable to phishing attacks. Implementing a strong DMARC policy would help block or filter fake emails.
- DKIM: DKIM is incomplete: email deliverability issues may occur when sending emails to customers using Yahoo and Gmail.
%
DOMAIN SECURITY SCORE
Photograph: Google Street View
6. Artist Residence Brighton
33 Regency Square, Brighton and Hove, BN1 2GG artistresidence.co.uk/brightonArtist Residence is a quirky boutique hotel, blending artistic flair with cosy charm. Situated in the heart of the city, it offers uniquely decorated rooms, perfect for a creative and comfortable stay.
- SPF: Artist Residence’s SPF record is well configured.
- DMARC: The policy quarantines failing emails for the main domain, does nothing for subdomains, and sends DMARC reports to Cloudflare.
- DKIM: Selectors 1 and 2 could both be upgraded from 1024-bit to 2048-bit for better security.
%
DOMAIN SECURITY SCORE
Photograph: Google Street View
7. Hotel du Vin
2 Ship St, Brighton and Hove, BN1 1AD hotelduvin.comHotel du Vin Brighton is a sophisticated boutique hotel, offering stylish rooms with a blend of modern elegance and classic charm.
- SPF: The SPF record uses ‘-all’, which may cause issues with email deliverability. Reviewing and adjusting it can help ensure legitimate emails are not blocked.
- DMARC: The DMARC policy is set to ‘none’, offering no protection.
- DKIM: The DKIM records are incomplete.
%
DOMAIN SECURITY SCORE
Photograph: Google Street View
8. Drakes Hotel
43-44 Marine Parade, Kemptown, Brighton and Hove, BN2 1PE drakeshotel.comDrakes Hotel Brighton is a luxurious boutique hotel offering stylish rooms with stunning sea views and a contemporary, elegant atmosphere.
- SPF: The SPF record uses ‘-all’, which may cause issues with email deliverability. Reviewing and adjusting it can help ensure legitimate emails are not blocked.
- DMARC: No DMARC record was found, leaving the domain vulnerable to phishing and spoofing.
- DKIM: No DKIM record was found. While it’s not always possible to detect DKIM records, a more thorough review is required to fully assess any potential issues.
%
DOMAIN SECURITY SCORE
Photograph: Google Street View
9. Leonardo Royal Hotel
6 Kings Rd, Brighton and Hove, BN1 2GS leonardohotels.co.ukLeonardo Royal Hotel Brighton Waterfront is a modern, elegant hotel overlooking the seafront. Offering spacious rooms with stunning sea views, it makes the perfect destination for both relaxation and convenience by the coast.
SPF: The SPF record uses ‘-all’, which may cause issues with email deliverability.
DMARC: The DMARC policy is set to ‘none’, offering no protection.
DKIM: Ensure consistency in key lengths – currently they do not match.
%
DOMAIN SECURITY SCORE
Photograph: Google Street View
10. The Grand
97-99 Kings Rd, Brighton and Hove, BN1 2FW grandbrighton.co.ukThe Grand is a historic, luxury hotel located on the seafront, offering stunning views of the coast. With its elegant rooms, refined atmosphere, and exceptional service, it’s the perfect blend of classic charm and modern comfort for a truly unforgettable stay.
- SPF: The SPF record for The Grand uses ‘-all’, which may cause issues with email deliverability.
- DMARC: The DMARC policy is set to ‘none’, offering no protection.
- DKIM: No DKIM record was found. While it’s not always possible to detect DKIM records, a more thorough review is required to fully assess any potential issues.
%
DOMAIN SECURITY SCORE
The Growing Cyber Threat to Hotels
The increasing reliance on digital communication for reservations, promotions, and guest engagement has given cybercriminals new opportunities to exploit vulnerabilities in email security.
Brighton’s top 10 hotels, which pride themselves on delivering exceptional guest experiences, may unknowingly not be paying enough attention to their cybersecurity defences, potentially exposing their customers to scams.
Despite the availability and effectiveness of email authentication protocols such as SPF, DMARC and DKIM, many organisations, including major hotel chains, have failed to implement them. By not enforcing these policies, businesses are making it easier for cybercriminals to deceive customers into revealing personal information or downloading malware.
Experts recommend that consumers be vigilant when receiving emails from hotels. To minimize risk:
- Avoid clicking on links in unsolicited emails.
- Verify offers and promotions by visiting the hotel’s official website directly.
- Be cautious when providing personal information via email.
- Report suspicious emails to the establishment and relevant authorities.
Email Deliverability – Booking Confirmations
Not recieved a booking confirmation or email you were expecting? Are you using Gmail, Yahoo or iCloud for your email?
Google and Yahoo announced that in February 2024, they would start enforcing email authentication. The largest changes were to ‘bulk senders’, i.e. those sending more than 5000 messages a day, but we’ve seen deliverability issues with businesses of all sizes.
If you have a Gmail, yahoo or iCloud email address and aren’t receiving the emails you were expecting, it’s most likely due to an issue with the sender’s SPF, DMARC or DKIM settings.
Get Expert Support for Domain Security:
Whilst the Brighton Top 10 Hotels deliver amazing guest experiences, email security often gets overlooked.
At Black Sheep Support, we help businesses strengthen their online protection with domain security tools like SPF, DMARC, and DKIM, along with expert IT support to defend against cyber threats.
Whether you’re running a boutique B&B or a seafront hotel, we’re here to help you stay secure behind the scenes—so you can keep focusing on your guests.
Book a discovery call today to learn how we can help your business!
