Scammers are leveraging Airbnb’s platform to orchestrate a sophisticated scheme, posing as hosts and employing deceptive tactics to redirect users to fraudulent Tripadvisor websites. Malwarebytes researchers stumbled upon this scam while attempting to book accommodations through Airbnb, discovering that scammers prompt users to contact them via email to check availability, then steer them towards booking through a spoofed Tripadvisor site. This fraudulent method entails sending victims emails seemingly from Tripadvisor, urging them to complete the booking process through shortened URLs, which ultimately lead to counterfeit Tripadvisor pages soliciting payment card details.
The scale of this scam is alarming, with researchers identifying 220 related websites associated with these fraudulent activities. To protect users, Airbnb advises against off-platform transactions and encourages vigilance in identifying and avoiding suspicious emails and websites. Moreover, the company emphasizes the importance of staying within the platform for communication, sharing personal information, and making payments unless explicitly approved in advance. Users are urged to remain cautious of urgent prompts and to thoroughly verify the legitimacy of websites before entering sensitive information.
Beyond the Airbnb scam, travelers seeking accommodation via Booking.com also face risks of falling victim to similar fraudulent activities. Criminals exploit compromised hotel accounts on Booking.com to contact potential victims, highlighting the pervasive nature of such scams across online booking platforms. In light of these threats, both Airbnb and Booking.com users are urged to exercise caution, adhere to platform guidelines, and employ thorough scrutiny to mitigate the risk of financial theft and other fraudulent activities while booking accommodations online.
