Data entry hacker - threats to landlords and account theft
16/10/2025 | by BedBooking

Beware of scammers! Threats lurking for people renting out properties

Do you rent out an apartment, run an agritourism business, or manage a small hostel? Working in the short‑term rental industry is not just about beautiful photos and happy guests – it also comes with real risks for hosts, linked to the growing number of cyber scams.
A fake listing on Airbnb, a suspicious email from Booking.com, a message asking you to click a fake booking link – these are not isolated cases. That’s why today we’ll talk about how to keep data secure in your accommodation and protect yourself against the most common threats.

1. Phishing – fake messages from “booking platforms”

Phishing is one of the most popular methods of data theft. Scammers send emails or SMS messages that closely resemble official correspondence from Booking.com, Airbnb or other OTAs. The message contains a fake booking link, e.g., “click to confirm a new reservation” or “Your account will be suspended.”

Phishing increasingly appears in social media inboxes as well. Fake correspondence, deceptively similar to an official email from Meta, usually starts with “Final warning” or “Dear Administrator: Your Facebook account may have been disabled” and contains a suspicious link. Never click such links – instead, verify the sender, check the full URL and, if in doubt, report the message as spam.

Why is this dangerous? After you click, you land on a page that looks like the real site – but your login credentials go straight into the scammer’s hands.

How to protect yourself:
  • Never log in to the platform through links in messages – go directly via your browser.
  • Check the sender – does the email address look authentic?
  • Don’t panic – scammers often apply time pressure (“Your account will be blocked within 24h”).

Phishing - fake booking links and threats to landlords in the accommodation industry.
Phishing is one of the most common threats to landlords – fraudsters send fake booking links, impersonating Booking or Airbnb. Photo taken by Markus Winkler.

Example from practice: e-mail about an alleged account suspension

An e-mail arrives in the property owner’s inbox starting with “Dear ……”, purportedly from the “Support Team.” The sender threatens immediate suspension for “inappropriate content” and orders verification within 24 hours. The body contains two links: the first leads to Facebook’s real Help (to build credibility), and the second goes via the domain api.vc.ru to netlify.app (e.g., reinstatepag…/timeactive…), and is used to phish for login credentials.

Red flags:
• time pressure (“24 hours to verify”)
• generic greeting (“Dear ……” ) and an imprecise sender
• a mix of domains (Facebook ≠ vc.ru/netlify.app)
• typos/language slip-ups, an artificial footer “© 2025”

What to do instead of clicking:
• do not log in via the link in the message – go to the real service manually and check the alert in the dashboard.
• report the message as phishing in your mailbox.
• enable 2FA and use unique passwords (as per the list in the “How to protect yourself” section).

Example of a phishing attempt
Example of a message in Polish: Phishing attempt impersonating the ‘Support Team’

2. Fake guest accounts – a booking from a non‑existent profile

This is an increasingly popular method, especially among those offering accommodation via Facebook Marketplace, OLX or even local groups. The scammer creates a fake account on Airbnb or Booking, books a stay, and then asks to move the conversation off‑platform – “because it’s faster and cheaper.”

It often ends with an attempt to obtain your online banking credentials or send an infected file. Be careful – scammers will try various tricks to get you to click their link. An example might be a message from an allegedly elderly person claiming they have trouble finding their way and asking you to confirm a “route map” to your property. In reality, the attached link may hide malware or a fake login form.

How to protect yourself:
  • Use official platforms that verify users.
  • Check whether the URL contains typos or suspicious subdomains (e.g., faceb00k.com instead of facebook.com).
  • Do not download or open unexpected files, even if they look harmless (e.g., “map.pdf” or “route.jpg”).
  • Never click external links and make sure you accept payments only via the OTA platform or, for example, the BedBooking reservation system.
  • If you use other sources (FB groups, OLX), have your own identity and payment verification process – e.g., a bank transfer with a booking reference in the title.
  • Use antivirus software and update your system regularly.

3. Theft of your property’s photos and fake listings

An increasingly common scenario: someone downloads high‑quality photos of your rooms or apartments from Booking.com or your website, then posts a “super deal” on other portals, demanding an immediate deposit.

  • Once a month, search for your photos in Google Images. If you find unauthorized use, report a copyright infringement and contact the site’s administrator.
  • Keep your contact details consistent (phone number, domain, social profiles) – the easier it is for a customer to verify it’s you, the harder it is for scammers to impersonate you.
  • State in the booking terms that the deposit is paid only to the account provided on the official website or in the confirmation from a secure booking engine.

4. Account takeover and changing bank transfer details

This is an especially dangerous situation: a scammer takes over your platform account and changes payout details or redirects the guest to an external payment page. Guests still see the listing and book – but the money goes to the scammer.

How to protect yourself:

  • Use strong, unique passwords.
  • Enable two‑factor authentication (2FA).
  • Regularly check payout details and account settings.

In 2023, the Polish portal Niebezpiecznik wrote about a similar scam.

Card payment fraud - fake offer on an OTA portal.
A fake offer can lead to financial loss – be cautious when making payments and always verify the sender of the reservation. Photo by Sadi Hockmuller.

5. Chargeback, i.e. a credit card payment scam

Criminals, often operating as an organized group abroad, book a stay via Booking.com with a stolen card and someone else’s passport. The property captures the amount in pre‑authorization, sends self check‑in codes, and after a few weeks the cardholder reports the transaction as unauthorized. The payment processor upholds the claim when the name on the card doesn’t match the booking details, and the property loses the entire amount.

How to protect yourself:
  • If something raises concerns, at check‑in ask to see the physical card used for payment and an ID matching the name on the reservation.
  • Document every step – receipts, terminal printouts, correspondence in the extranet – because that’s the only way to defend yourself against a chargeback.

How can technology help you?

Well‑chosen tools are one element of security. For example, by using apps such as BedBooking, you avoid the need to copy‑paste data, communicate with guests in a secure environment, and keep control over calendar synchronization – which reduces the risk of accidentally contacting a scammer via a fake listing.
BedBooking won’t replace common sense, but it can automate your processes and help reduce the risk of mistakes that can be very costly.

Summary: Cybersecurity is now part of doing business

Online threats affect not only large hotels or portals – any owner of an apartment, an agritourism property or a hostel can fall victim to a scam. It’s worth staying vigilant, educating yourself and your team, and using tools that help you operate safely.
Data security in an accommodation property is no longer optional – it’s a necessity. Take care of it today before someone does it for you.

Popular posts

Inspirations

Ecological Initiatives in the Short-Term Rental Industry

Ecotourism is more than just vacations – it’s a way of traveling in the spirit of respect for the natural environment. Unlike traditional tourism, which often contributes to the degradation of nature and local culture, ecotourism aims to protect and preserve wild places and support local communities.

 17/05/2024
wynajem w praca na etacie
Inspirations

How do you reconcile rental accommodations with a full-time job?

Do you run a lodging facility and work a full-time job at the same time? We suggest how to combine both forms of income, so that you can not only meet all the challenges, but also find time for a well-deserved rest.

 22/09/2023
booking calendar
Reservations

Free Booking Calendar – Try BedBooking!

If you ask accommodation owners about one thing they can’t imagine doing business without – you’ll certainly hear about a booking calendar, an absolute must-have in a hospitality-based industry.

 26/11/2024