In case you’ve been living under a rock, it pays to know that online scams are everywhere — with short-stay accommodation scams being no exception. In 2023 alone, Australians were scammed of more than $337,000 in connection to Booking.com, according to the ACCC. But if you know what to look for and apply best practices, you can reduce the risk. Here’s what you need to know.
What are phishing scams?
Phishing scams are cyber attacks by professional criminals — fraudulent online attacks where the scammer pretends to be someone else to steal money or data. They are the most common method for organisational breaches. In the short-stay accommodation space, this might involve fraudulent emails, phone calls or text messages to steal reservation details, personal information or credit card numbers. They also may be used to take over the victims’ local computer systems and install malware.
These scams have sometimes led to unauthorised access to a host’s Booking.com account. Once inside the account, the criminals can temporarily impersonate the listing and communicate with guests directly via messages or email.
However, a spokesperson from Booking.com has said, “It’s important to highlight that Booking.com’s back-end systems and infrastructure have not been breached, and the number of accommodations impacted are a small fraction of those on our platform.”
Here are some of the more common online scams.
Suspicious or unverified profiles
All guests should have a verified profile. Suspicious profiles are ones where the details are incomplete or unclear. Carefully assess their names, contact information and any other details. If you’re not sure, contact the platform to check.
Overpayment scams
Overpayment scams are common and involve an email suggesting that the guest has sent more money than required. This is a deliberate tactic to secure refunds for the extra cash they allegedly sent.
Non-standard payment methods
Look out for guests requesting to pay in less than standard ways. Payments are usually made through credit cards or online payment portals, not cryptocurrency or wire transfers (as these methods are difficult to trace if things go wrong). Stick to your guns, and use what everybody else uses — there’s a reason for it!
Phishing emails
Be wary of any emails ‘allegedly’ from Booking.com that ask for sensitive information, such as personal information and bank details. According to a Booking.com spokesperson, “As a rule, it’s important to remember that Booking.com will never require customers to provide credit card details by text, message, or email”.
A typical scam involving a phishing email looks like an email from Booking.com, requesting you click on a link to give your username and password. Although the link looks like a webpage from the organisation, you’ll notice differences if you look at the URL.
Last-minute cancellations
Criminals often use stolen credit cards to make a booking, then cancel, requesting you refund them through another account.
Requests for direct communication
Any guest requesting to communicate outside the platform is a red flag. Always ensure you communicate with your customers through the platform so you have a complete history of all interactions. Guests who insist on directly communicating may have ulterior motives.
SUMMARY
To avoid being scammed online, always be aware of the following:
Urgent language – Phishing scammers often like to create a sense of urgency with threats that your account may be suspended, or there is urgent information about your finances.
Typos and grammatical errors – Look carefully for spelling, grammar and punctuation errors. If you spot mistakes, it’s likely a fraudulent email. Likewise, look for different languages in the same email.
Check (but don’t click on) the links – Rather than click on any links, hover over them, then look to the bottom left-hand side of the page to see the URL details. On a mobile, tap and hold the link. Does it look like it’s from an official source or something nondescriptive?
Check the sender – Go to your address bar and check the “From” content. Alternatively, hit your reply button to expose the sender’s address. Does it look like an official business address or something from a scammer?
Here are some examples of email addresses that you can (typically, but not always) trust:
- noreply@booking.com
- noshow@booking.com
- @property.booking.com
- noreply-payments@booking.com
- customer.care@booking.com
- @guest.booking.com
- customer.service@booking.com
- invalid-cc@booking.com
- @mailer.booking.com
- @partners.booking.com
Be wary of phone calls – never give away any information over the telephone.
Leave all your holiday home rental worries with us
If the sound of managing your Airbnb on your own is too much, the good news is, we’re here to help. We can keep your listing account free from fraudsters and do all the hard work of managing your property for you. So if you’d like to generate more income without the hard work, contact Cloudbnb today.
Perth-based Cloudbnb can maximise your earning potential and minimise the stress. Our complete short-term holiday rental management service makes getting the most from your rental property (like 14% in passive returns) without lifting a finger.
We do it all:
- Property listing management & marketing – Check-in & customer communications
- Cleaning, laundry & maintenance – Ensuring that 5-star feel every time
- Styling & photography – Guest vetting – Keeping your property safe and secury
- Property insurance
