account security

James146
Level 2
Charlottesville, VA

I've had my hosting account hacked repeatedly in the last week (by the same intrepid con artist, apparently!), despite changing my password and disabling connections through Facebook, Google +, etc. The hacker changed my payouts to an account in Europe on several separate occasions. Airbnb has not been as proactive as I'd like in fixing the problem - their support never reached out to me throughout the last 96+ hours of trying to resolve the hack. I *hope* it's resolved now - I just noticed that I'm the only one accessing my account for the last few hours, and I've got (another) fresh password on the account. I also (re) added my proper bank account.

So my question is: despite hosting, and banking, in the good ol' US of A, when I update my payment info, I get the following message:

"Important Tip: The price for one or more of your listings is set in a currency other than EUR. Please set the price using the same currency, or otherwise your payouts will be funded in USD."

This makes me super nervous, since the hacker tried to route my payments to Europe. I've tried switching bank accounts and the same message appears. Any suggestions or thoughts? I bank with USAA, fwiw.

Thanks everybody,

  James

10 Replies
Clare0
Level 10
Templeton, CA

@James146 If you suspect that your account is being compromised, you need to do more than change your password.  Check ALL your account notifications (email, phone numbers) and alert notifications for emails and text.  Also, click the box under the Security section to request alerts for unauthorized logins from devices you don't use.  AFTER you have done all that, then change your password.  

If you suspect that your account isn't protected after you've done this, contact Airbnb for assistance.  

Hope this helps!  Clare

Yes, thanks Clare, I took all of those steps as well. I'm at a loss as to where the intrusion originated, but I suspect it was through a third-party application that I only noticed was added today. Regardless - still no idea about the Euro warning.

@James146 It all starts with a scammer obtaining a user's email. Most users, hosts and guests alike, are unaware that emails are the first key to getting access to a user's account. The second key is the login password. How do they get that? They send phishing emails or texts, if they have a phone number, of all sorts pretending to be from Airbnb asking users in one form or another to "login" by which means they capture the password. This is standard operating procedure for scammers on many sites such as Netflix and others that have been in the news recently.

Scammers are incredibly sophisticated. They have set up websites that have the word "Airbnb" in them but are totally fake.  They even use Airbnb's format and language style.  Check out this phishing attempt from a while ago.  The "lure" was a subscription to getting better search placements.  Who wouldn't want that, right?

[Image: Airbnb Premium scam.JPG]

Looks real? Nope, there is no "airbnbpremium.host" domain associated with Airbnb. Scammers make these things look so real it is difficult to tell.

Once a scammer gets into a user's account, they take control and change the settings and/or accounts to divert payments which may have happened to you. Are you missing any reservation payouts? Also, scammers post phony, too good to be true, listings with pictures encouraging guests to contact the "host" off site with a personal email. This is what it looks like:

[Image: Scam 2.JPG]

Next, the "host" sends wire transfer instructions for payment...outside of Airbnb.  It's like giving cash to a stranger on the street. 

This is probably more than you wanted to know so please forgive me.  

The EUR issue is bothering me.  I would advise you to contact Airbnb to be sure all is correct with your payout account. 

Also, if I didn't send this to you before, here's a great help article to determine if an email is really from Airbnb:

www.airbnb.com/help/article/971/how-do-i-know-if-an-email-is-really-from-airbnb

I'd be happy to answer any more questions you might have, Clare
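
The lookalike-domain point in the post above can be checked mechanically. The following is an added example, not part of the thread and not Airbnb tooling; the single-entry allowlist and every sample link other than the help-article URL and the airbnbpremium.host domain are assumptions made for the illustration.

```python
from urllib.parse import urlsplit

# Assumption for this example: the allowlist holds only the domain that
# appears in the thread's help-article link. Extend it from official sources.
TRUSTED_DOMAINS = ("airbnb.com",)
BRAND = "airbnb"


def link_host(url: str) -> str:
    """Return the lowercased host a browser would actually connect to."""
    if "//" not in url:
        url = "//" + url  # schemeless link, e.g. www.airbnb.com/help/...
    host = urlsplit(url).hostname or ""
    return host.rstrip(".").lower()


def classify_link(url: str) -> str:
    """Classify a link as 'trusted', 'lookalike' or 'unrelated'."""
    host = link_host(url)
    for domain in TRUSTED_DOMAINS:
        # Exact match or a true subdomain; a bare substring test is not enough.
        if host == domain or host.endswith("." + domain):
            return "trusted"
    # Brand name present in a host that is not under a trusted domain.
    if BRAND in host:
        return "lookalike"
    return "unrelated"


# Constructed sample links; only the help URL and airbnbpremium.host
# come from the thread.
SAMPLES = [
    "www.airbnb.com/help/article/971/how-do-i-know-if-an-email-is-really-from-airbnb",
    "https://airbnbpremium.host/login",
    "https://www.airbnb.com@airbnbpremium.host/login",
    "https://airbnb.com.example.net/verify",
    "https://example.org/airbnb.com/login",
]

if __name__ == "__main__":
    for link in SAMPLES:
        print(f"{classify_link(link):10} {link_host(link)}")
```

The third and fourth samples show why the comparison has to be made on the parsed host: the text "airbnb.com" appears in both links, yet neither connects to that domain.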

Hi @Clare0, thanks for taking the time to write a truly fantastic and thorough response. Fortunately, I don't think I fell for any of those particular scams, and I'm (cautiously) optimistic that I'm in the clear.

But the EUR message is still there. My bank account (as yet) is still mine, and listed as pending. Will update my status once something changes. Yes, I should contact Airbnb. I certainly understand why Airbnb makes technical support difficult to access, when knowledgeable community members can answer the vast, vast majority of questions, but the arm's-length response to more specific, programmatic problems is frustrating. I've still yet to receive even an email from the security manager assigned to my case.

Hi @Clare0, Airbnb finally called me and we resolved the issue. The EUR message was a back end fix - not sure if that's the vulnerability the hacker used or not. But, I'm happy to have this chapter closed.

I wish I had a cleaner answer for *how* this happened, exactly. I'm proud enough to think it's unlikely I entered personal info into a dummy site, and I'm sure I never left a workstation with my information up. But, ultimately, no harm no foul - the lesson learned for me is to monitor closely and regularly!

Melanie58
Level 10
Boise, ID

I think Clare's answer is more thorough, but I was going to suggest at a minimum checking out the security section under the "account" section and seeing where logins are coming from. If they aren't all from you/devices you use/places you typically log in, then that is a red flag.

Thanks Melanie, I've done that as well.

Oh!  I just noticed you are in Charlottesville!  That is where we lived most recently - miss it so much!

Yeah, Charlottesville is the best! You'll have to come visit sometime. Thanks for the help!

Andrea9
Level 10
Amsterdam, Netherlands

@James146

After following @Clare0's fantastic inclusive advice, you could also think of changing your email address just in case, at least for several weeks or months until the dust settles and then switch back.