Threat Intelligence

5/3/2018
04:55 PM
50%
50%

Hackers Leverage GDPR to Target Airbnb Customers

Fraudsters are taking advantage of new EU privacy laws to demand personal information from Airbnb users.

Updated 5/7/2018 with Airbnb's statement.

A new phishing scam capitalizes on the upcoming General Data Protection Regulation (GDPR) to trick Airbnb customers into sharing personal and financial data, Redscan reports. The scale of the campaign is unknown, though it likely targets email addresses taken from the open Web.

Targets receive an email designed to appear as though it's from Airbnb, addressing them as a host of the service. The message says hosts can't accept new bookings or contact potential gusts until they accept a new privacy policy. If they click the malicious link, targets are prompted to enter personal information including payment card details and account data. Everything they enter goes to the attackers.

It's worth noting Airbnb is sending emails to alert users about GDPR-related changes; however, the legitimate notifications include more detail and none ask for users' credentials.

The European Union's new privacy laws, designed to grant people more control over the information they share online, goes into effect on May 25. In the weeks leading up to its rollout, companies are sending messages to gain users' consent for staying on their mailing lists -- and hackers are taking advantage of the trend.

Airbnb issued this statement:

"These emails are a brazen attempt at using our trusted brand to try and steal users' details and have nothing to do with Airbnb. We'd encourage anyone who has received a suspicious looking email to report it to our Trust and Safety team at [email protected], who will fully investigate. We provide useful information on how to spot a fake email on our help center and work closely with external partners to report and help remove fake Airbnb websites."

 

Read more details about this campaign here.

Dark Reading's Quick Hits delivers a brief synopsis and summary of the significance of breaking news events. For more information from the original source of the news item, please follow the link provided in this article. View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
12 Free, Ready-to-Use Security Tools
Steve Zurier, Freelance Writer,  10/12/2018
Most IT Security Pros Want to Change Jobs
Dark Reading Staff 10/12/2018
Most Malware Arrives Via Email
Dark Reading Staff 10/11/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Flash Poll
The Risk Management Struggle
The Risk Management Struggle
The majority of organizations are struggling to implement a risk-based approach to security even though risk reduction has become the primary metric for measuring the effectiveness of enterprise security strategies. Read the report and get more details today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-1744
PUBLISHED: 2018-10-15
IBM Security Key Lifecycle Manager 2.5, 2.6, 2.7, and 3.0 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 148423.
CVE-2018-1747
PUBLISHED: 2018-10-15
IBM Security Key Lifecycle Manager 2.5, 2.6, 2.7, and 3.0 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 148428.
CVE-2018-18324
PUBLISHED: 2018-10-15
CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.480 has XSS via the admin/fileManager2.php fm_current_dir parameter, or the admin/index.php module, service_start, service_fullstatus, service_restart, service_stop, or file (within the file_editor) parameter.
CVE-2018-18322
PUBLISHED: 2018-10-15
CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.480 has Command Injection via shell metacharacters in the admin/index.php service_start, service_restart, service_fullstatus, or service_stop parameter.
CVE-2018-18323
PUBLISHED: 2018-10-15
CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.480 has Local File Inclusion via directory traversal with an admin/index.php?module=file_editor&file=/../ URI.