It’s Sunday morning and my AirBNB account has been hacked

Jernej Adamic
Apr 21, 2019

(based on a true story, for educational purposes only :)

Good morning with a usual morning routine.

And the routine got broken with an unusual set of messages from AirBNB:

Ok, wait what. I had a really nice Saturday, but I surely didn’t do any impulsive or drunk reservations.

My first thought was that some evil dude had sent me a phishy email, pretending to be a legit Airbnb message, and wanted me to click on a link to do some bad bad things to my computer.

NOTE: There are a lot of emails around (called phishing or malware emails) that pretend to be from someone else. They mostly go to Spam folders, but not always. In many cases they try to put something on your computer or steal something from it.

SO REMEMBER: Never blindly click on any suspicious email links. Check a few things before doing so.

To prevent that:

1. Check whether the sender’s domain and Reply-To address are weird.

I got from here and it looks legit (airbnb.com)

2. Check whether the link in the email points to some weird domain.

Most phishy emails want you to click on some link. You should carefully review these links before you click on them (never panic and just click on them).

So the process would be: Right click on a link, COPY link (see below)

Open the browser and PASTE the link (DON’T RUN IT, whatever the hurry, DON’T RUN IT)

So the result of copied link was:

Again looks like a legit AirBNB domain, so it was obviously sent from them.
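The two checks above can also be done without opening anything in a browser. The script below is an added example, not part of the original post: it parses a constructed sample message (the addresses and links are made up, and `EXPECTED`, `belongs_to` and `check_message` are names chosen for this example) and reports every From/Reply-To address or link whose host is not `airbnb.com` or one of its subdomains.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlsplit

EXPECTED = "airbnb.com"  # the domain the message claims to come from

# Constructed sample message (not the email from the post).
SAMPLE = """\
From: Airbnb <automated@airbnb.com>
Reply-To: support@airbnb-help.example
Subject: New payment method added
Content-Type: text/html

<a href="https://www.airbnb.com/account">Review activity</a>
<a href="https://airbnb.com.login.example/reset">I didn't do this</a>
<a href="https://www.airbnb.com@login.example/x">Help</a>
"""

def belongs_to(host, domain):
    """True only if host is the domain itself or a subdomain of it."""
    host = (host or "").lower().rstrip(".")
    return host == domain or host.endswith("." + domain)

def check_message(raw, expected=EXPECTED):
    """Return (kind, host) pairs for every address or link outside `expected`."""
    msg = message_from_string(raw)
    findings = []
    for header in ("From", "Reply-To"):
        value = msg.get(header)
        if value is None:
            continue
        host = parseaddr(value)[1].rpartition("@")[2]
        if not belongs_to(host, expected):
            findings.append((header, host))
    # urlsplit().hostname is the host the browser would contact, so a brand
    # name used as a subdomain label or as the userinfo part does not pass.
    for url in re.findall(r'href="([^"]+)"', msg.get_payload()):
        host = urlsplit(url).hostname
        if not belongs_to(host, expected):
            findings.append(("link", host))
    return findings

if __name__ == "__main__":
    for kind, host in check_message(SAMPLE):
        print(f"suspicious {kind}: {host}")
```

A From header that matches can still be forged, so this only automates the visual check; it does not prove who sent the message.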

It means that my account was hacked. Yahoo.

Ok, let’s see what happened.

Going back here:

So someone added a new payment method to my account, made a reservation at Quezon City (wherever that is), sent €105 to a host and paid €158,65 for a reservation from that new payment card.

Ok, lol, looks like no real harm for me and someone’s going to have a good time.

Now back to this:

I clicked on “I didn’t do this”, changed my password and found out that someone ‘notme’ had logged in to my account:

And made a reservation here:

I tweeted and wrote to AirBNB that some crappy stuff had been done, and I am waiting for their instructions.

So let’s think about how this could happen?

1. AirBNB was hacked: Possible but unlikely

2. My computer was hacked: haha, you’re funny

3. Some other service that I was using was hacked and they used credentials on AirBNB: hmmm, sounds quite possible

Let me think. I have three password strategies:

  • I use strong, mostly auto-generated and different passwords for highly critical services (Email, payments, banking…)
  • I use strong but easier to remember passwords for less critical services (social media)
  • I use a few simple passwords for services that I have to be able to access from anywhere, just in case (AirBnb: I don’t want to be locked out in some foreign city, so I have to know it even if I lose my phone or 90% of my memory). In many cases I also use this password on non-critical services, just to put something in.

And the last one was probably what made me vulnerable.

I pretty much suspect that one of the services was hacked and the password (together with my login email) leaked to some hacker’s database.

And these travel loving criminals booked a trip through my account.

Now the question is, why did they need my account? Until now no harm has been done to me. They added another payment card (they didn’t use mine) to reserve the stay and they also sent some additional money to the host.

There’s pretty obviously some malicious intent behind it (atm I am too tired to think of a logical one) and I am awaiting an answer from the AirBnb guys with an explanation.

The moral of the story is: Don’t use one password for various services or use some password managers (tho I don’t really trust them, but that’s for some other post).

Jernej Adamic

CEO @zenodys, Focus on the new age of Data and Privacy.