Thanks, @Clare0. What I was really wondering wasn't about mere phishing, but cases of automated password-crackers and the like. Or, as you mentioned, the possibility that AirBnB's own code might have flaws that let hackers manipulate accounts. I searched the community forums before posing my question and the only mentions I found were all from hosts who were obviously just confused by their own misunderstanding of the way things work, or confused by some of AirBnB's occasional whacky, inconsistent behavior. So, I actually feel pretty secure within AirBnB's system.

@Dede0 Yes, I've never heard of actual software hacking like the type where a company's files were hacked (Target, Home Depot, IRS, etc).  So long as users are vigilent about safegarding their accounts, all should be fine. 

19 May 2016:

One week ago I received an auto-message from ABB that things in my listing had been changed, and to contact ABB if I had not done so. I had not. When I logged in to my shock my profile had all but disappeared except for my photo and 92 guest recommendations (5*****). In the accounts page the birth date, country of residence and receiving bank account had all been altered. Immeciately I contacted ABB, where the rep was very helpful, assuring me that security would be in contact within 48 hours. The listing was blocked and taken down, the erroneous details deleted: then began the waiting game.

There never was an email nor call from ABB, despite 5 subsequent calls to the help desks, all of whom were very sympathetic and helpful, but ABB itself made zero contact with me or acknowledged the problem. Finally on the seventh day after yet another phone contact, I did receive a corporate form email from ABB how to proceed. Phone desk staff were very helpful, the listing is now back on line, fortunately no money lost nor would-be guests defrauded,but it was close. It has taken several hours to check over the listing and make right what errors were found.

It would have been hugely reassuring if even a simple one-line email from ABB had arrived, something like: "We see there's been a problem, please know that we take such matters seriously and are working flat out to resolve. Thanks for your patience and understanding".  No such luck. Very disappointing, even shocking that there is no attempt to reassure the loyal hosts who make ABB what it is.

@David84  Since last November, I have taken an interest in scams and scammers on Airbnb and have become somewhat familiar with thier tactics. I've found over 150 scam listings which I've had Airbnb remove from their platform. 

If you define hacking as someone using malicious software to invade Airbnb's website, no, I have never heard of that.  Airbnb's website itself is quite secure and, if used properly, can be trusted and relied upon to keep personal information safe. 

What typically happens is a host or guest inadvertantly gives access to thier account by responding to phishing messages that come to them either by text or email messages.  Scammers are extraordinarily sophisticated in mimicking Airbnb with logos, message style and what I call "hooks" that cause users to reply.  What do I mean by "hooks"?  Well, here are a couple of examples:

This was sent to a host promising a subscription to improve search placement.  Who wouldn't want that, right? Problem is that airbnbpremium. host is not a legitimate Airbnb website.  It is one of 100's of domains set up by scammers. 

This would certainly get one's attention, but it is just another phishing attempt to get users to enter their email and password.

I could provide more examples as they are all variations on a theme to gain access to accounts.  Another typical scam is for a "guest" telling a host in an inquiry that they found their listing on another website for a reduced nightly fee.  The host is then directed to a scam website, where, you guessed it, the host is asked to log in. 

Once a scammer has access to a user's account, they then tinker around and make changes as they did in your case.  Your account becomes a tool for the scammers to set up phony listings to get unwary guests to pay by bank wire transfer outside the Airbnb payment system.  Here's an example of payment instructions sent by a scammer to a guest: 

Again, note the email address.  While it has airbnb in it, it is not an email address that is used by Airbnb. 

So, what to do?  First of all, be very cautious about messages that request you enter your email address and password.  Those two are the keys to your account and every user should protect them as they would the keys to their home.  Second, look for the tell tale clues in the website URL or email address.  If they don't end in airbnb.com or if they don't start with "https", they are phony sites.  Here's an article that describes what is legitimate and what is not: 

https://www.airbnb.com/help/article/971/how-do-i-know-if-an-email-is-really-from-airbnb

Also, be sure you have checked the box in the Security section of your Account Settings that turns on login notifications.  This will give you a head's up that someone is logging into your account from a device that you don't use. 

As for Airbnb not giving you information about what happened to your account, that's not unusual.  They fix the problem but won't say exactly what happened for privacy and security reasons.  Since they alerted you first, I suspect that someone was scammed and they traced it back to your compromised account. 

So sorry to be so long winded, but I hope this will give you some background as to what may have happened in your case.  If you are ever in doubt about a message purportedly from Airbnb, follow your gut feeling.  It never hurts to ask Airbnb if it is legitimate. 

I hope you have a very successful and profitable career as an Airbnb host!

My account was just hacked !!! I got an email today that I had a booking for today (December 2nd) into tomorrow (December 3rd) in Phuket, Thailand for $1,125. WHAT DO I DO?!?! I just changed my password + email for my account, cancelled all possible payment methods (credit cards) that I could too. Advice ?! Thanks 🙂 currently freaking out

Call ABB 001-415-800-5959  Hi,  it sounds like you've done all the right things, cancelling any payment methods as well as PW.  ONLY LOG IN WITH WEB PAGE OR THE APP,  neve one of the links.  Bastards who do this have no souls, 

David, THANK YOU ! They make that number very difficult to find. I actually just found it as you responded. I called, and they made it a high priority listing right away. Then within 5 minutes I received an email saying they refunded me. I was very surprised how fast they acted honestly.

TO THE COMMUNITY: set up in your settings >>>>> under "Account" >> "Security", check the box to have Airbnb notify you if someone logs onto your account using a different browser! The hacker that hit me was using Firefox, which I don't even have on my computer, so this extra added security notification does help !

And remember to keep the hotline number saved in your phone since it's impossible to find unless you search deep in these discussion boards lol

Thanks david and everyone else 🙂

Hi Alexander,

Notify Airbnb, check on your settings who has logged in and send them that information and check if the payment is done on your card. When it happened to me I notified that an unknown visa card ahd been added to my account and transaction was executed with that one. I assume it's a credit card scam where airbnb members are just the 'vehicle'

You're right, they did add a random visa card to my payment options. Airbnb said they refunded the money to that card. Does that mean the crooks were successful?

I am currently facing the same issue as well! whereas I have a booking today at Berlin! and the booking was done last night! which is absurd! the cancellation policy is strict and no refunds will be made if there is cancellation made!

I have removed my previous payment method (credit card) and saw that the unknown reservation was done via a PayPal account which does not belong to me! I have since removed the cc details and the paypal acc automatically became the default payment method!

I have changed my password and real name since then!

What happened? The AirBNB Rep in Malaysia is not helpful AT ALL!

@Clare0

Hi Clare

Thank you for this most informative post.

Did any of your research reveal, if people are using internet café to log on to check their Airbnb accounts or if their PC have been compromised by key logging etc.?

Regards

Cormac

The Explorer's Club Krakow

@Cormac0 If one were using internet services that are not password protected (meaning that you do not have to have a password to gain access to the internet) any sophisticated scammer could gain access to the computer using that service and roam around files stored on that computer.  

One has to believe that there are bad people on the internet constantly knocking on your computer's door trying to gain access.  Sadly, many people are unaware of that and do not take precautions to be sure the door is locked to intruders.  🙂

@Dede0

Thank you for posting this provocative discussion question!

I think that it is so very very important and the more information we can share with other Airbnb hosts (and guests) the better - and we may even be able to prevent the distressing situation of blocked listings and fraudulent bookings.

I would like to suggest that some of the information that you and @Clare0 have submitted could be put together into an advice sheet and put in the community help pages....... I know there are some already about recognising emails etc.. but I think we could do with broadening the content.

What do you think?

Best Wishes.