Airbnb-themed phishing scams do not crop up often, but customers of the service should be aware of the possibility of getting their login credentials stolen and misused.
Malwarebytes’ Chris Boyd has recently spotted an email phishing campaign impersonating the company, and directing customers towards a fake Airbnb login page:
More knowledgeable users might notice the lack of the green padlock in the URL bar and realize that the connection is not secured. They might also find the length of the URL suspicious. But those who don’t will have their credentials stolen and will be redirected to the legitimate Airbnb website.
If you’re wondering what scammers can do with your Airbnb account, the answer is a lot. As Boyd notes, “there’s always something to be gained by a spot of credential pilfering.”
By impersonating an account holder that already has a good reputation on the service, scammers might trick would-be renters into paying them in advance for a service they can’t offer, and to do so through alternative payment methods that don’t allow payment reversal.
This type of scheme results in a non-negligible one-time money loss for potential renters, but can have catastrophic consequences for the legitimate account holder – a reputation hit can lead to considerable money loss in the long term.