View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Cybersecurity
May 3, 2018updated 06 Jul 2022 6:05am

Airbnb Customers Target of Phishing Scam

"A brazen attempt at using our trusted brand"

By CBR Staff Writer

Airbnb customers are being targeted by a phishing scam that seeks to exploit the incoming General Data Protection Regulation (GDPR), cybersecurity company Redscan said on Thursday.

Scammers are posing as legitimate business in email communications, taking advantage of the fact that businesses are actively seeking fresh consent from users ahead of the May 25 GDPR implementation deadline.

The email requests users to update their personal information (through a malicious link) in order that they can continue to use Airbnb services.

Mark Nicholls Director of Cyber Security at Redscan said in an emailed statement: “The irony won’t be lost on anyone that cybercriminals are exploiting the arrival of new data protection regulations to steal people’s data.”

He added: ‘’Using current events and trends as bait for social engineering attacks is a common tactic. Scammers know that people are expecting exactly these kinds of emails this month and that they are required to take action’’

Airbnb: Phishermen Not Welcome

Airbnb said: “These emails are a brazen attempt at using our trusted brand to try and steal user’s details, and have nothing to do with Airbnb. We’d encourage anyone who has received a suspicious looking email to report it to our Trust and Safety team on report.phishing@airbnb.com.’’

Businesses and customers are being advised to be extra vigilant as GDPR approaches. Phishing scams can often be discerned by scrutinising the domain and email address attached to incoming mail. Cybercriminals often use slightly altered domains and address to fool users into believing they are communicating with an official company channel. Airbnb variations can look like @mail.airbnb.work in contrast to the companies official address @Airbnb.com.

Content from our partners
Green for go: Transforming trade in the UK
Manufacturers are switching to personalised customer experience amid fierce competition
How many ends in end-to-end service orchestration?

“Modern phishing campaigns are becoming increasingly difficult to spot and people need to be extra vigilant when opening emails and clicking links, since it’s important to ensure they originate from a trusted source.,’’ Mark Nicholls added.

Other key variances to watch out for in your inbox are changes or inconsistencies in a brand logo, such as incorrect colour or font type.  Spelling mistakes can also help in identifying a real communication form a phishing attempt.

Phishing cybersecurity attacks continue to be a severe and common threat to companies and their customers, with even the largest IT companies reporting data breaches through such attacks. The start of this year saw Facebook and Google confirm that they were the target of a $100 million phishing scam by Evaldas Rimasauskas who posed as an Asian manufacturing company.

The UK National Audit Office believes that around £14.8 billion was stolen from UK customers through phishing in 2017.

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how New Statesman Media Group may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.
THANK YOU