Criminal hackers are taking advantage of the popularity of Airbnb with phishing campaigns targeting that site’s customers.
One recent scam involves the General Data Protection Regulation (GDPR). GDPR is a regulation that requires businesses to protect the personal data and
privacy of European Union citizens for transactions that occur within EU member states. Websites across the world are being affected. The regulation took effect in May and many organizations are updating their privacy policies and emailing customers to ensure they are aware of the changes. The phishing scam seeks to exploit this. A phishing email, which claims to be from Airbnb customer support, advises users that they must accept a new privacy policy based on the GDPR before they can make any further bookings. Anyone who clicks the link is asked to enter their personal information, including account credentials and payment card information.
Another scam involves fake Airbnb property listings. Scammers post these listings to lure in interested renters. Once someone reaches the stage of being ready to book, the scammers will send a link to the Airbnb listing asking them to complete the booking through a real-looking, but fake, site. Once on that site, the prospective customer’s identity and payment information is stolen. Similar scams involve the fakers asking for advance payment, for properties that do not exist.
Airbnb has tips to avoid these, and other, scams involving their site here.
