Recently Hacked

Has anyone had their Airbnb site hacked? My site was taken over with new pictures of a flat in Amsterdam. Quite a drive from Puyallup Washington! The second picture of the flat gave the customers instructions on where to send their money for their reservation for the flat. I contacted Airbnb and spent several hours working to regain control of my site. During this process I obiously changed my password. I have been contacted by Airbnb twice more that someone is trying to gain control of the site again. They have again recommended I change my password again, and again. When I examine who has logged into my account it shows up as Boardman Oregon, Amsterdam, Spain, France, and Austria. I don’t know when this will end, and when I will again feel secure with my site. Anyone else have this issue?

It would take a very gullible person who has never used Airbnb to fall for this scam. At least it would seem that way. Also, how would they react once they did book using the usual Air online procedure?

I agree, I can’t imagine someone booking on the site; however it certainly disrupted my listing.

Hi @LynnB1,

Do you have any idea how this happened? Nobody can just guess your password. To be clear, you’re talking about your listing on Airbnb, right?

I recieved what I thought was an Airbnb email asking me to agree to their new policies regarding non discrimination in bookings. It didn’t go through at first so I re-entered my information a second time. I believe this is how they obtained my password. I have received a subsequent email from them, again asking me to log on. Obviously I haven’t, however it looks amazingly like Airbnb.

Yes, it has and does happen on CL. But I can’t see how it could happen on Airbnb unless someone went to the trouble to create a bogus Airbnb web site maybe?

They just send a spoof email.

Never click a link send in an email from AirBnB.
Always go to the site yourself, log in and check any messages.

Mails can look as if they are coming from AirBnB, and even go to the original site, but capture keystrokes.

This sounds like standard phishing. It’s a good rule of thumb to never click on a link in an email. Always type the url in manually, or use a bookmark. Unless it happens to be an email you’ve written yourself. And a lot of mail clients these days will highlight/display the actual links in the email, which often make it obvious that something fraudulent is going on. The mail client I use, Alpine, does this.

I still don’t understand how. I use CL once in a while, and when I post stuff I have to have a CL account, then upload pics and put in text. And if you put a link to your Air listing it would just go there. Although I don’t think CL lets you do that any longer.

I think scammers highjack CL listings and then alter to divert the payout destination.

Oh I understand about being able to post a link. You can no longer do that. I have used CL to advertise our Palm Desert place with very good luck. You just have to screen people carefully.

I’m a reporter with doing a piece on Airbnb accounts being hacked and was hoping to chat with you. I’m at (212) 416-3011 and my deadline is 3 pm ET today.