Log In  

Another phishing came!! Be very careful and never input your credential to any other sites

‎28-01-2020 10:28 PM
Eddie9
Level 2
‎28-01-2020 10:28 PM

Another phishing came!! Be very careful and never input your credential to any other sites

Screen Shot 2020-01-28 at 2.23.29 PM.png

Of course, when I click the link, sure enough it is airbnb sign on page, which is intended to steal my credential....

 

Screen Shot 2020-01-28 at 2.26.21 PM.png 

Airbnb, please warn host on this as it is very bad....

‎28-01-2020 10:28 PM
4 Replies 4
‎28-01-2020 11:39 PM
Sarah977
Level 10
Sayulita, Mexico
‎28-01-2020 11:39 PM

@Eddie9  Never click on any link in an Airbnb message from a guest. Even if you didn't sign in to that box on the link, they could still get your info because you clicked on it from your hosting account. This exact same scam wording has been posted here by other hosts. This isn't Airbnb customer service, but a discussion forum for hosts and guests. You need to immediately change your password and report this message directly to Airbnb, so they can disable the account it was sent from.

‎28-01-2020 11:39 PM
‎28-01-2020 11:54 PM
Eddie9
Level 2
‎28-01-2020 11:54 PM

It is a mainly a phishing attack, but not CSRF attack as far as I know.  The url is not with the domain airbnb.com or withairbnb.com (both are the official domains of airbnb), so my browser will not send my host account cookie to them. That should be fine. 

I have reported this message to Airbnb already. But you are right, in general, one should not click any link because of CSRF (although I am sure airbnb engineers should have the CSRF token or samesite flag setup correctly to mitigate that). 

‎28-01-2020 11:54 PM
‎05-09-2020 10:04 PM
Katrina79
Level 10
Saskatchewan, Canada
‎05-09-2020 10:04 PM

Heads up, I just received one of these messages. I didn’t bother using the link they sent, but I did compare it to my listing links and it’s definitely a fake designed to steal my log-in info. Reported to Airbnb. This is the first time I’ve received a scam message, how often do other hosts receive messages like this? 

‎05-09-2020 10:04 PM
‎05-09-2020 10:16 PM
Ann72
Level 10
New York, NY
In response to Katrina79
‎05-09-2020 10:16 PM

@Eddie9  Thank you! @Katrina79  I have only gotten one or two in 6 years. I get more scammers than real bookings on VEBO/Homeaway, so many that I actually have a canned response.

‎05-09-2020 10:16 PM

More from Community cafe

My introduction

@Rebecca , Hello everyone, I'm Vincent from Mombasa, Kenya. ... Latest reply
@Rebecca , Hello everyone, I'm Vincent from Mombasa, Kenya. I'm a new host here at Airbnb and I'm happy to be amongst the com... Latest reply

Good morning everyone

My name is Senel Cuce, and I’m excited to be part of this am...
My name is Senel Cuce, and I’m excited to be part of this amazing community! I currently host my own successful Airbnb proper...

More tools to help you meet your goals

Resource Center

 Explore guides for hospitality, managing your listing, and growing your business.