Airbnb customers being scammed by criminals
Innocent people are being targeted with convincing phishing emails as company’s check they’re complying with privacy laws.
Close-up of an unrecognizable woman using the Airbnb App on her Lenovo A916 Android smartphone in a car. Login screen with Facebook and Google sign up options. Airbnb is a service for people to list, find, and rent lodging. It currently has over 1,500,000 listings in 34,000 cities and 190 countries.
Image: Airbnb customers are being targeted by scammers
Airbnb customers are being targeted by scammers who are sending convincing phishing emails, a cybersecurity company has warned.
Hackers are attempting to spread malware and steal personal data by fooling Airbnb customers into following malicious links and entering their personal information into a system that they control.
According to security firm Redscan the criminals are taking advantage of the new privacy laws across the EU, the General Data Protection Regulation (GDPR) which comes into effect on 25 May.
Redscan discovered the phishing scam which encourages recipients to update their personal information to continue using Airbnb.
:: Five ways fraudsters could make a fool of you
Real and fake emails that used might think are coming from Airbnb. Pic: Redscan
Image: Real and fake emails that used might think are coming from Airbnb. Pic: Redscan
Redscan’s director of cybersecurity, Mark Nicholls, said it was difficult to estimate the scale of the scam, but it was likely to be directed at email addresses scraped from the open web.
“The irony won’t be lost on anyone that cybercriminals are exploiting the arrival of new data protection regulations to steal people’s data,” said Mr Nicholls.
Redscan advises internet users to check their emails for signs that the sender is who they say they are, and look for use of fake addresses.
Fake addresses won’t use a real brand’s official domain, they will often use a bogus variation intended to look legitimate according to Redscan, such as @mail.airbnb.work as opposed to @airbnb.com which is legitimate.
Mr Nicholls added: “Modern phishing campaigns are becoming increasingly difficult to spot and people need to be extra vigilant when opening emails and clicking links, since it’s important to ensure they originate from a trusted source.”
Airbnb told Sky News: “These emails are a brazen attempt at using our trusted brand to try and steal user’s details, and have nothing to do with Airbnb.
“We’d encourage anyone who has received a suspicious looking email to report it to our Trust and Safety team on firstname.lastname@example.org, who will fully investigate.
“We provide useful information on how to spot a fake email on our help centre and work closely with external partners to report and help remove fake Airbnb websites.”