Scamming Airbnb and Booking.com users is so lucrative that criminals have created ready-to-use toolkits
2024-12-16 17:14:46
Travelers who use Airbnb or Booking.com are probably aware that cyber scammers have schemes to rip off customers on these platforms. Now, digital security business Eset has discovered a set of new tools that have been made widely available for internet criminals. The toolkit has specifically been designed to scam travelers who use Airbnb and Booking.com services. How does the scheme work? Eset Research describes …
Travelers who use Airbnb or Booking.com are probably aware that cyber scammers have schemes to rip off customers on these platforms. Now, digital security business Eset has discovered a set of new tools that have been made widely available for internet criminals. The toolkit has specifically been designed to scam travelers who use Airbnb and Booking.com services.
How does the scheme work? Eset Research describes the toolkit that is marketed under the name Telekopye as follows.
- Criminals who have purchased the toolkit get access to Airbnb and Booking.com accounts that have been hacked earlier.
- Using this real data as the way to convince the targets, scammers send messages to travelers who have recently paid or haven’t yet paid their reservation.
- The message claims there is a problem with the reservation that can be settled by instant payment. The victim is asked to follow a link included in the message.
- The link takes the victim to a page that looks exactly like an Airbnb or Booking.com page. The victim pays to solve the problem, and scammers receive the money on their bank account.
Although the scam started with the real data – traveler’s own reservation data – it ended on a payment page that was carefully prepared by the criminals to look like a legitimate travel reservation page. The link of the page is the only visible sign that indicates it is not a genuine Airbnb or Booking.com page.
We reported about the same scam more than a year ago when security experts reported that both Airbnb and Booking.com host and guest accounts were hacked at a large scale. Apparently, these two online travel services have done very little to improve their system security. The same scheme has become so common that toolkits can be purchased by anyone who has a desire to become a cyber criminal.
What can a traveler do to avoid the continuing security problems in reservation services? The fastest and also an almost fool-proof way to ensure you are not scammed is to stop using Airbnb and Booking.com. If you don’t want to do that, you have to be extra careful every time you get a message or phone call from your travel reservation service. If you are asked to follow a link, you have to learn how to verify the link is from the service you use, and doesn’t take you another web site.