My first flagged-guest Inquiry

I really wanted to send a screen-shot, but I do everything on an I-pad these days, and it got complicated. Just curious about “Roberta’s” strategy.

Loosely quoting:

“Me and my husband want to spend a few days in your beautiful place”, both are fully vaccinated. She wonders “ why is your listing publish twice on airbnb? With different prices and different host?” Then gives me “the other listing” as http:/ and ends with, “could you tell me what I should rent?”

Anyway, “Roberta”

1 Like

Yep, that’s the scam where they can access your account if you click on their link.



I would have declined her based solely on her grammar :wink:, but did so after seeing the yellow flag. AirBnb rep was non-commital.

Any ideas about what she was looking for/up to? Just curious.

Hit a milestone yesterday: 150 reviews- woo-hoo! And maintaining 4.98. I’m sharing in host forums because no one else understands what that involves or why it might be gratifying, right?


Oh! I actually did try to go to the link, but it came up bogus. Good to know not to go there next time. Thanks!

1 Like

Like @muddy said the link can give them access. The other variation is it takes you to a lookalike log in page. You login, now they’ve got your info

1 Like

:crying_cat_face: Never, ever, never click on a link that comes in a suspicious sounding email, text, message, any app.

ALL you have to do to download a virus or get your account hacked is click on that link. Period.

Go to your Air account. Change your password. NOW take a look in an incognito browser (chrome control+alt n) and search air for your neighborhood and see if there is a second listing for your home. Now check ALL STR booking engines for the same and report them.

And when reading the URL, if it doesn’t say yada .com, don’t click on it.

Air’s messaging system between hosts and guests does NOT allow clickable links - malicious code bypasses that. The ONLY links you’ll see in Air message should come via the internal Air messaging system. Never your guests or potential guests.


I agree with @casailinglady - NERVER click om links in emails or texts.


Or dink 2 moooch wrine anned rrite stuvvv. :heart_eyes:


Excellent advice!



Actually, even then it might be problematic. Scammers were using redirects where the link would start with and there would be a coded redirect to another site and Airbnb’s servers would do it. You wouldn’t know until after you clicked on the link and even then, only if your browser shows the URL (most phones don’t show it). Maybe the security vulnerability has been fixed on Airbnb’s servers by now, but don’t count on it.

1 Like

That’s why I stated NEVER click a link in a message. And yes, it can start with airbnb but mostly it will have a subdomain prefix which is a tell.

1 Like

Never, ever click on links sent by people you dont. This is how we got hacked at work a few months ago. someone clicking on a link in an email. They got access to our servers, paralyzed our activity and demanded for 2 millions to unlock us. We didnt pay and we - in IT - had to work 3 months, including weekends, to restore our systems.

This was not a clickable link. I actually had to re-type it and it came up non-existent

OMG - that’s super scary and awful - thanks for the reminder!

Same thing - NEVER copy a link like that into a browser. YOU can’t see the malicious code behind the page, but as a developer, I can promise you it’s there. Just go to the Air site and if you can’t find the link, call CS.

I have a friend who retired from IT management but has a fine art digital printing shop as his part time retirement business. He has one computer that is connected to a second cable modem (and a second IP address) through his custom firewall router that logs everything. He uses it to browse the Web in places where he wouldn’t take his other computers, because it’s used mostly as a hacker cookie jar trap.

He then reports attacks to some folks who used be security consultants for the $60 billion sovereign wealth fund where he was IT & security mgr. In return they let us know ASAP about current attacks.

I do look at message source display to see what the embedded code is in any message I have doubts about, including checking the links.


That I did not know - thank you!