- Airbnb fraud has increased 30-fold since 2023, including a sharp increase this year
- Criminals hijack legitimate host accounts to trick vacationers
- Staying safe is not so straightforward as threats evolve
Airbnb-related fraud activity has increased 30-fold since the first half of 2023, according to new research from Saily and NordStellar, confirming that cybercriminals continue to go after vacationers looking for the best deals amid rising prices.
The report ultimately concludes that attackers are now targeting the trust built by larger platforms, saving them from having to build new identities from scratch.
And on top of it all, the nature of fraud is also changing, as instead of using dubious websites to solicit victim payments or information, criminals are now targeting legitimate Airbnb host accounts that have spent years accumulating positive reviews and high ratings.
Exploitation of legitimate accounts and hijacking of trust
While the end goal remains large volumes of vulnerable consumers, fraudsters have added an extra layer of victims to their pipeline. Verified Airbnb hosts are now valuable assets to criminals because they already have identity verifications, positive reviews, booking histories, years of activity and established credibility.
Once the verified account is compromised, attackers can then proceed to defraud larger amounts of unsuspecting victims by posting – and charging for – fake property listings.
“Travelers are getting better at spotting obvious scams,” said Saily Product Manager Matas Cenys. “Criminals know this, so they are increasingly trying to steal trust rather than building false trust from scratch.”
However, where this type of attack differs from others is that the victims never leave the platform. Instead of falling victim to phishing attacks and being redirected to malicious external websites, they fully interact with presumed legitimate hosts on the Airbnb platform.
While Airbnb attacks have seen a 30x increase in about three years, and a sharp increase in the last year alone, they reflect a much broader trend of attackers compromising existing trusted accounts.
The latest ramp-up in attacks may also be linked to the summer season, with holidaymakers looking to book last-minute deals in the run-up to the summer season. Speed and pressure to keep costs low also contribute to the success of criminals.
“Everything seems normal until they arrive at their destination and discover that the residence never existed,” Cenys added.
How to protect yourself from booking fraud
Saily recommends that all communications remain within the booking platform and that customers avoid payment methods proposed outside of official channels. Unusually attractive listings in high-demand destinations can also be taken with a grain of salt, and savvy shoppers may choose to reverse image search a property to double-check its authenticity.
“As travel bookings become increasingly digital, trust will become one of the most valuable currencies in the travel ecosystem,” Cenys warned.
As for abusing victims’ trust, researchers also claim that AI has aided attacks by allowing criminals to produce better fake listings more quickly.
More broadly, Airbnb revealed that two out of five Americans have fallen victim to an online scam, with the average loss totaling nearly $2,000. The company has introduced measures to remind its users how to avoid fraud, including introducing identity verification and reminders not to leave the platform, but account takeovers can still slip under the radar.
Airbnb also holds guest payments until 24 hours after check-in to ensure everything is as described. Anti-fraud technology also prevented around 265,000 suspicious ads from appearing on the platform by 2025, the company boasted.
The company issued a comprehensive eight-step list of how to avoid scams on its platform online, encouraging pre-emptive tactics and unusual deals.
Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews and opinions in your feeds.
