This week I was the victim of a Russian hacker who got my email and password through a phishing scam.
She got access to my account (login history says from St Petersburg, Russia) and:
- turned off all notification alerts so I would not be informed of what she was doing,
- posted 2 fake apartments in my area (photos, description, everything!) on instant booking on my profile,
- switched my listings all to instant booking
- and was in the process of changing my email and password when luckily I was just in time to stop her.
Then (as revenge? or to distract me from what she was doing on airbnb?) she destroyed my main email account, enrolling it into thousands of websites per minute so I get thousands of spams per hour; the email must be closed down.
Here is the detailed story of what happened, please read, it can happen to you.
I am tech savvy and very prudent. I fell for this due to the airbnb pressure to respond quickly to inquiries and use my phone to respond instead of waiting till I’m home to use the computer.
After landing from a trip I noticed an inquiry from a guest “Camilla”. She wanted to book my place but she saw another with identical photos and wanted to check it was not a scam. She included an airbnb link in her inquiry to another listing. Since it was an internal airbnb link I thought I should check. I clicked on the link and it took me to the airbnb home page (so I thought). It was a phishing site that looked exactly like the airbnb login page. On the small screen of my phone I couldn’t see the url and I couldn’t see the imperfections of the fake airbnb website. I stupidly filled in my email and password. Of course it took me nowhere, so I did it again. Duh, duh, duh.
I’m sure if I had taken the time to do this on my computer at home I would have realized that this was a phishing site.
The URL was exactly like airbnb: https://www.airbnb.com/rooms/2222xxxxx?preview_for_ml=true&guests=1&adults=1 EXCEPT there was an accent over the N in airbnb like a Spanish tilde, which I only noticed afterwards.
(2) Camilla now has my airbnb user and password
First thing she does is send me another little request asking if I accept pets. Ha!
(3) Deactivating notifications
Next thing Camilla does is deactivate every possible notification, on the settings page, so that I do not receive any email or text messages as she starts modifying all the other parameters of my account.
(4) Created fake postings and switched everything to instant book
She created two fake listings with photos, description, all the parameters up and on instant booking of course. She copied my apartment names and gave similar names to these fake listings.
She switched all of my REAL listings to instant book.
(5) Changed email associated with airbnb account
Camilla waited a bit perhaps to see if I was going to notice. I didn’t!
Next day, she changed the email associated with my account to a new email that she created on mail.com to emulate my email.
(6) Spamming - revenge or distraction?
Almost immediately after changing my airbnb password AND messaging airbnb support, who did call back immediately, I started getting hundreds of spam on my email account.
Camilla had used my airbnb email to sign me up for thousands of newsletters, enroll me in forums, sign me up for appointments, free tests, whatever… hundreds of spam start flowing into my main email account.
That account is now impossible to use, I had to shut it down and spend 3 days managing this problem.
The hundreds of spam would also make it difficult for me to spot Airbnb support messages or notifications.
(7) Payout and Paypal account.
Camilla obviously saw everything in my account, my payout details, etc.
She was able to see that I had a paypal account linked to the airbnb email.
LUCKILY I have a different password on that paypal account! Everybody, go change your paypal password if it is the same as any other website!
Post Script: I suspect “Camilla” might have actually been a GUEST at my apartment, a group of 3 Russians rented my place last month on BOOKING.com. They had strange behaviour, I’ve never had guests so messy and careless and unpleasant. After they were gone I thought perhaps the internet router had been tampered with. One of the guests has the same name and physical appearance as a professional computer programmer managing director at a Russian “computer game” company (i.e., troll farm), found on LinkedIn. They also paid the security deposit in cash claiming they didn’t have access to Paypal (!) and had me reimburse it on their Cyprus bank account (!) so now they know one of my account numbers.
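
Added example, not part of the original post: a check that a mail filter or link preview could run to catch the kind of URL described above, where the host differs from the real one only by an accent (ñ for n). The trusted-domain list, the function names and the sample URLs are assumptions constructed for this illustration.

```python
import unicodedata
from urllib.parse import urlsplit

# Assumption: the domains this user expects to log in on.
TRUSTED = {"airbnb.com"}

def to_unicode_host(url):
    """Return the URL's hostname with punycode (xn--) labels decoded."""
    host = (urlsplit(url).hostname or "").rstrip(".")
    labels = []
    for label in host.split("."):
        if label.startswith("xn--"):
            try:
                label = label[4:].encode("ascii").decode("punycode")
            except (UnicodeError, ValueError):
                pass  # keep an undecodable label as it is
        labels.append(label)
    return ".".join(labels)

def skeleton(host):
    """Strip accents: decompose, then drop combining marks (ñ -> n)."""
    decomposed = unicodedata.normalize("NFKD", host)
    return "".join(c for c in decomposed if not unicodedata.combining(c))

def registrable(host):
    # Simplification: last two labels. Real code needs the Public Suffix List.
    return ".".join(host.split(".")[-2:])

def classify(url):
    host = to_unicode_host(url)
    if registrable(host) in TRUSTED:
        return "trusted"
    if registrable(skeleton(host)) in TRUSTED:
        return "lookalike"   # same letters once the accents are removed
    if not host.isascii():
        return "non-ascii"   # unusual host, worth a second look
    return "other"

# Constructed samples; the path mirrors the one quoted in the post.
SAMPLES = [
    "https://www.airbnb.com/rooms/2222xxxxx?preview_for_ml=true&guests=1",
    "https://www.airbñb.com/rooms/2222xxxxx?preview_for_ml=true&guests=1",
    "https://airbnb.com.example.org/login",
]

if __name__ == "__main__":
    for url in SAMPLES:
        print(classify(url), to_unicode_host(url))
```

This catches accent-based lookalikes only; hosts that swap in letters from another script (for example Cyrillic) need the Unicode confusables data rather than accent stripping.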