Airbnb scams are becoming more convincing as cybercriminals increasingly hijack verified host accounts instead of creating fake profiles, according to new research from travel eSIM provider Saily and cyber threat intelligence platform NordStellar.
The study found that Airbnb-related scam activity has increased 30-fold since the first half of 2023, with the steepest rise recorded over the past year.
Discover B2B Marketing That Performs
Combine business intelligence and editorial excellence to reach engaged professionals across 36 leading media platforms.
Researchers say the shift reflects a broader trend in cybercrime, where attackers exploit trusted online accounts to make fraud far more difficult for travellers to identify.
Trust is the new target
Verified Airbnb host accounts have become highly valuable on cybercrime marketplaces because they already have positive reviews, completed identity checks and an established booking history.
Rather than building fake identities from scratch, criminals are taking over genuine host accounts and using them to advertise non-existent properties. Since these listings appear under trusted profiles, they often look authentic to potential guests.
“Travellers are getting better at spotting obvious scams,” said Matas Cenys, Head of Product at Saily. “Criminals know this, so they are increasingly trying to steal trust instead of building fake trust from scratch.”
He said listings posted through compromised accounts can appear “entirely authentic”, complete with reviews and booking histories that travellers have been taught to trust.
Fraud looks increasingly genuine
Researchers say the latest scams often unfold through normal-looking interactions. Travellers receive what appears to be a legitimate booking confirmation, exchange messages with what seems to be a genuine host and pay a deposit through convincing communications.
“The most successful scams today don’t feel like scams at all,” Cenys said. “Everything looks normal until they arrive at their destination.”
The findings mirror wider cybersecurity trends affecting the travel industry, where account takeovers and phishing attacks are replacing many traditional fake websites as the preferred method of online fraud.
Lessons for the travel industry
Although the research focuses on Airbnb, the underlying tactics affect the wider hospitality sector. Hotels, holiday rental operators and online travel businesses all depend on customer trust, making secure accounts and strong identity protection increasingly important.
Researchers advise travellers to keep all communication within official booking platforms, avoid paying outside authorised payment systems, verify customer support contacts independently and be cautious of unusually cheap listings in popular destinations. Reverse image searches can also help identify fraudulent property listings before any money changes hands.
“As travel booking becomes increasingly digital, trust becomes one of the most valuable currencies in the travel ecosystem,” Cenys said. “Unfortunately, that makes it valuable for cybercriminals as well.”
For accommodation providers, the research serves as a reminder that protecting customer accounts is now as important as protecting payment systems, as cybercriminals continue to target the trust that underpins online travel bookings.
