Once you’ve done a number of successful bookings on Airbnb, it becomes easy to let your guard down and risk getting your Airbnb account hacked. While you may trust your guests with codes for your Airbnb lockbox and your Wi-Fi password, that is about where it should stop.
Sure, the sharing economy is built on trust, but, at the end of the day, renting out an Airbnb remains a business built on the principle of delivering a service in exchange for a fee. You would be surprised to find out that some would go to great lengths to “break into your business” to steal that revenue or get access to your bank info, credit card information, and other personal details.
Not only can it be a financial catastrophe should your Airbnb account get hacked, but you are also in danger of losing all your hard-earned five-star reviews during data breaches. In fact, the goal of some account hacks is simply to get a more credible profile.
To help you reduce the chances of waking up to a hacked account, here are the best practices to implement to avoid security issues and steps to take if you fall victim.
There are a number of ways that fraudsters can use to gain access to your Airbnb account information. Here are three of the most common ways:
Just like with other industries, a phishing email that allows senders to get their fingers on personal data like usernames and passwords is a real threat. One of the most important rules when it comes to email is never to click on spam emails as they are often types of phishing emails.
Also look out for strange-looking URLs, poor spelling, and threatening or confusing language in emails, which could all be telltale signs of a phishing scam.
You have to keep in mind that there’s an actual person behind hacking attempts. These hackers might try to infect your computer with a virus or spyware through phishy emails, pop-up websites, and dodgy downloads. These can cause a data breach which may affect the security of your Airbnb accounts.
Once the virus has found its way onto your computer, it will record the details, like your Airbnb login details or your bank account details and credit card data, and return it to the hacker.
If you use the same easy password for various accounts, you become an easy target for brute-force techniques.
In short, with this strategy, hackers will type in large volumes of username and password combinations into automated software that will try it across many websites.
So, if you use the same username and password for all your online accounts, they will gain access to more than just your Airbnb account should they be successful.
If your Airbnb account was hacked, the hacker would have left a “trail”. Here are signs that you could have been the victim of fraudulent activity.
Often, the first sign that your Airbnb account was hacked is that you can no longer log into your Airbnb account. It could be that your password, email, or both no longer work. If you are lucky and you still have access, you should change your password, username, and user email address immediately to block out the hackers, but it might be too late already.
Part of hackers’ modus operandi is to change personal details such as your email address, phone number, language preference, and payment details.
So, it is key that you review these details on a regular basis to rule out potential hacking. If you do not recall making a change, it was very likely a hacker.
You should also check your upcoming reservations. Any upcoming trip should have been received and approved by you.
If you suspect your Airbnb account was hacked, your next step will depend on how much access you still have and what the hackers have already changed.
Most of these steps are common sense, but in such a stressful situation hosts often feel overwhelmed and won’t have a clue what to do next. So, keep calm and follow these steps:
If you can still log into your current account, the very first thing that you want to do is to change your username and password.
If you can, you should also change the email that you have shared for communication from Airbnb. The reason for changing even your corresponding email address is that the email address linked to your account might be vulnerable too.
Even if you managed to change your password, username, and email account, it is still important that you contact Airbnb Customer Care to notify them about this unfortunate event right away.
Once you’ve contacted Airbnb, they will give you the option to log an official complaint about the hacked accounts and upload screenshots of the hacker’s activity.
It is also key that you keep in mind that payments made via their platform are not completed instantly. So, just because it does not look as if the hacker withdrew money from your account does not mean that he/she did not try. It could be that there is a pending transaction and if you inform Airbnb immediately they can potentially reverse this transaction.
Needless to say, if you could not manage to log into your account with your login details, contacting Airbnb’s customer service department should be your first port of call. You can find their telephone number on the contact page of their official website. As every second counts, it is recommended that you first try to phone them instead of sending an email.
Some users have also had luck with using Twitter to get Airbnb’s attention.
While it is better to phone, it is a good idea to send a follow-up email. This way, you can create a paper trail that you can use as evidence if it should lead to legal action.
It can be frustrating, but prepare yourself mentally that you will most likely need to be patient (and not just for an Airbnb operator to answer your phone calls).
The reality is that resolving a security breach like this requires time. So, stay calm and wait patiently after you have called Airbnb as getting worked up won’t help anyone.
Whether you are in the fortunate position never to have a hacked Airbnb account before or you have been a recent victim, here are seven safety tips to keep your account safe and reduce the chances of it getting hacked on the Airbnb site in the future.
Hosts and guests have reported that one of the first clues they got that suggested something was off was an email from the vacation rental platform, but in Chinese. This email reminded them to leave a review for a recent booking. While this email might not have been the source of the hack, you should never click on any links in a strange email.
Also, keep in mind that there are many websites that try to copy the look of Airbnb’s official website. So, guard against clicking on links on these types of copycat websites.
Even if you are on a legit website, if it is unsecured or unprotected, do not share any of your data. Your web browser will often use a pop-up notification to alert you to unsecured websites.
One of the golden rules for internet safety is to avoid using the same password for all of your accounts, as mentioned before. This is especially important if the account is linked to your credit cards.
Not only should you use unique passwords for your different online accounts, but you should also ensure that all the passwords that you create are strong. In other words, it should not be easy for others to guess. So, avoid using birthdays, anniversaries, or a loved one’s name.
Instead use passwords with a combination of lower and upper case letters, numbers, and punctuation marks.
Even if you were diligent and ensured that you use different passwords, it is key that you make a habit of changing your password regularly. It is recommended that you change your password every three months.
If you do not use two-factor authentication yet, it is an extra security measure that you should definitely put in place.
In short, with the two-step authentication method, when you log into your account from another device that you do not usually use, it will send you a notification email or a text message to double-check that it is in fact you and ask you for permission to continue. If you do not trust this device, you simply decline access. This will prompt the user to share more authentication details.
While it can be a bit of an inconvenience, using extra authentication information and methods is still far better than possibly getting your Airbnb account hacked.
You might have to phone Airbnb to request that they set up two-factor authentication for your Airbnb account, though.
If you want to use a vacation rental management software solution to automate many of your routine tasks, make sure that it is secure. You can, for example, try out a tool like iGMS, a preferred partner of Airbnb.
After you have connected your short-term rental accounts, you will keep all of your existing account access and permission. You can also rest assured as iGMS won’t have access to your personal data and any data that you share will remain completely confidential.
One of the major benefits of using iGMS is that it helps you to manage multiple accounts. It can quickly become very frustrating having to switch between various accounts, especially when you followed best practices and used different passwords for each. Though, with iGMS, you can manage all your accounts via a single secure interface.
So, even if you receive an email you are doubtful of but want to make extra sure, you can log into your Airbnb account through iGMS instead of following a potentially dangerous website link.
Other tasks that iGMS can help to streamline include:
Hackers are generally very sophisticated. They can mimic Airbnb’s website by using the same style of language and logos, making it hard for hosts to distinguish that it is, in fact, not their official website.
Always be vigilant. If anything seems off, rather not share your account information on such sites. It is also better to access the Airbnb site by entering the website address instead of using a link shared in an email as a shortcut.
If you do not have any anti-virus software installed, it is highly recommended that you invest in a well-known solution. While it should not replace the safety tips mentioned above, it will give you added security and protection against malware and the common techniques used by hackers. These types of software solutions usually charge a yearly membership fee, but you can also experiment with free antivirus versions.
At the end of the day, Airbnb is not the only online business where your account could possibly get hacked. The truth is that whenever you transact on the internet, you need to implement safety measures to keep your credit card account details and other personal information safe.
Though, if it is your livelihood that is possibly at stake, it can be even more traumatic. For this reason, it is crucial that you implement best practices. Then, in the event that you do fall victim to a hack, remember to follow the correct actions and steps immediately to remedy the situation.