Airbnb Fraudsters Stayed with Vulnerable Hosts

Airbnb Fraudsters

Despite being alerted to a security breach, Airbnb failed to warn hosts that strangers impersonating legitimate customers were in their homes.

sinead photo

The hacking was revealed earlier this year when London-based consultant, Sharon O’Dea had her Airbnb profile hacked and used to make bookings.

Ms O’Dea stated that she was made aware of the security breach when she received a password reset email prompt from Airbnb. She then discovered that a total of three bookings for three nights in the City were charged to her account costing between £300 and £400.

The hacker posing as O’Dea had also confirmed check-ins with Airbnb hosts outlining that they would be staying “with friends”.

After reporting the breach, Airbnb stated that they cancelled the bookings and made the hosts aware of the incident, however, she still received messages from the hosts days later asking her how she was finding her stay.

O’Dea was “shocked” to discover that the hosts had not been made aware that strangers were staying in their homes.

“Airbnb didn’t tell her a complete stranger had access to her home, posing as me,” she explained. “I said, ‘I don’t want to alarm you but there is someone in your house that isn’t me and I would call the police’.”

Recommended:

Despite being informed that the issue had been “handled” by the room-letting website, Airbnb attempted to give Ms O’Dea over £100 worth of damages that had been caused by the hackers at one of the properties.

Ms O’Dea described the company’s reporting systems as “broken”, adding: “It’s incredible that Airbnb would not tell someone when there is clearly something illegal happening”.

“If someone hacks your account, they can just randomly turn up at a flat. It doesn’t paint them [Airbnb] in a very good light on personal safety.”

Airbnb users have often been targeted by online fraudsters in the past to trick them into overpaying for their stay or paying twice.

Last month, cybersecurity company Kaspersky found that fraudsters were using a $550 subscription service to try to scam Airbnb customers ahead of the summer holidays. The fraudsters created fake property profiles that asked Airbnb users to click through to clone payment sites which were linked to cybercriminals’ accounts.

Although Ms O’ Dea recovered her money and no one was harmed, she said the incident demonstrates significant issues with the company’s security system and the way in which Airbnb treats its hosts.

A spokesperson for Airbnb said: “Our handling of this isolated incident was unacceptable, and we are in contact with the guest and hosts to apologise and offer our full support”.

“The safety and security of our community is our priority and we are working with our team to review our handling of this matter to ensure we do better in future. “



Latest News

Cybersecurity Events
18th November 2019

Scot-Secure 2020: Call for Speakers

Data Government News
18th November 2019

UK Home Office Brexit App Lacks Basic Security

Cybersecurity News
Cybersecurity Data News
18th November 2019

Magic: The Gathering Maker Confirms Major Data Leak