Microsoft and Trend Micro found hotel phishing attacks using fake guest complaints and photo links to target staff in Japan.