What to do Against Hacking on Airbnb, Booking.com, and Expedia

Recently, there has been a surge in hacking incidents targeting guests on popular travel booking sites like Airbnb, Booking.com, and Expedia. Phishing scams, in particular, have become a significant issue, affecting many hosts. According to IBM Security, the travel industry has become the second-most targeted industry for cybercriminals, following the financial sector. Since AI for example ChatGPT became available for everyone incidents have exploded because AI allows bad actors to create better content in multiple languages.

How the scams work

The preferred method of attackers are phishing Emails and malware which takes over the computer. They use fake ads leading to fake login sites and social engineering to abuse the helpful nature of the hospitality industry to gain access to properties accounts via well crafted phishing Emails.

Once a computer is hacked attackers have access to bookings and they will approach guests claiming to be the hotel or to be the OTA trying to extort payments or credit card details.

Phishing as a Service has increasingly targeted the hospitality industry over the past year, with login details for OTA accounts being traded like commodities on the darknet.

As bad actors professionalize their “business,” it becomes increasingly important for accommodation providers to protect themselves.

How PhishingBuster combats phishing

Hackers typically persist in sending phishing emails until they lose access to the host’s Airbnb, Booking.com, or Expedia accounts from their PCs. Often it takes a while until the properties notice that they have been hacked and that their guests are being attacked.

PhishingBuster is a robust tool designed to detect phishing scams. It identifies and notifies hosts of spoofed emails sent from their PCs, enabling them to promptly take action, such as changing passwords, to thwart future attacks.

PhishingBuster monitors messages sent from Beds24 accounts to guests (Airbnb, Booking.com, Expedia) on an hourly basis.

Here an example of an actual hacker message detected by PhishingBuster:

Dear (real guest name),
Unfortunately, your reservation may be canceled due to an error in checking your payment method. You can check your payment method via a personalized link:
https://airbnb-verify.xxxx/payment/XXXXXXX

The actual texts may vary as attackers update them constantly but all messages links to pages which look exactly like the actual channels websites, so they can be easily mistaken for real.

All Beds24 users can now integrate PhishingBuster to safeguard themselves and their guests. Sign up for PhishingBuster and start your free trial.

What else can properties do

Bad practices such as sharing passwords, insecure password, reusing passwords allows malicious actors to gain access to passwords and computers more easily.

Make sure you educate staff and apply best-practices to protect your business and your guests. Read more in this article.