Skip navigation

Join the Vacation Rentals Conversation!

Get answers to all of your questions from fellow owners and travelers.

Join the CommunityX

CommunitySeek, Ask, and Share in the Vacation Rentals Community
Currently Being Moderated

How to Protect Yourself from "Phishing" Attacks on Vacation Rental Owners

VERSION 10  Click to view article history
Created on: Aug 26, 2009 1:52 PM by community-editor - Last Modified:  Feb 26, 2014 2:43 PM by community-editor
**Join the Phishing and Scams Report group on Community to receive email alerts every time we post information on a vacation rental scam.

don't fall victim to phishing attacks on vacation rental ownersPhishing is one of the 21st century con artist's favorite fraud tactic. It's becoming increasingly common and the FBI called phishing the "hottest, and most troubling, scam on the Internet."  Don't fall victim to this crime.

So what is Phishing? According to Webster's New Millenium Dictionary:

phish (intr. v.): to send a ruse via e-mail with a link to a replica of an existing web page, designed to fool users into submitting personal, financial, or password information; to defraud someone using this method; also, to create a website replica for fooling unsuspecting Internet users into submitting personal or financial information or passwords.

A common scheme is to create a web page that looks like the site of a bank, retailer, online commerce company, or government agency and then send a blast e-mail to millions of people asking them to update their information, verify account details, or to confirm an order. Recent phishers have pretended to be Bank of America, Best Buy, PayPal and eBay.

Also be careful when typing a URL into your browser: Crafty phishers have bought commonly misspelled domain names and replicated the sites in order to trick customers into entering their log-in or credit card information on the fake site.


Another tactic is to phish over the phone. Scammers call your published telephone number pretending to be a representative of a legitimate company or organization such as Visa or the Special Olympics. They pressure you to give your credit card information to them right away so they can make their sales quota, win a contest, help the needy or any of a thousand urgent reasons designed to get you to give them your credit card number. Don't fall for it.


How to Recognize a Phishy Email

  • The actual URL for a link doesn't match the text URL
  • The e-mail asks you to validate, update, or confirm personal or financial information. (Most legitimate companies send hardcopy letters to customers when asking for this information.)
  • Check the MillerSmiles database. The site currently has an archive of thousands of phishing emails that have been submitted by users.

How to Avoid Phishing Scams

  • Never reply to an email asking for personal or financial information.
  • Never click on links within the body of an email. Instead, log-in into the company's site directly to “update your information,” etc. or call the company's customer service line.
  • If an email asks you to call a number to update your account or access a refund, don't do it. Scammers can easily fake area codes using VOIP lines. Instead, call the number listed on your bill or on the company's official website.
  • Never open an attachment unless you are expecting it.
  • Keep your anti-spam and anti-virus software up-to-date.
  • When you receive a suspicious email, forward it to spoof@homeaway.com.
 

Remember, a legitimate business:

  • Will never ask you to enter personal information on any Web page that you can access without first signing in with your username and password.
  • Will never pressure you to provide a credit card number over the phone. If you're not sure that you are talking to a company representative, hang up and redial the published telephone number.
  • Will always be able to answer a question to which only you and the company know the answer. Ask the caller something only you or the company can know: If the caller doesn't know the answer, hang up and call the customer service telephone number listed on the company's Web site. For example, a HomeAway representative will always be able to tell you the date of your last payment, the private e-mail address we use to contact you (assuming you use another email address for your business) or even your vacation home full address.

 

In an effort to more effectively support and protect both owners and travelers in the unlikely event of fraud, HomeAway offers the Carefree Rental Guarantee that will now cover phishing. The Carefree Rental Guarantee (CRG) covers losses for the amount the traveler paid for the rental up to $10,000 (subject to terms and conditions). Click to learn more.
Phishing is a fact of life on the Internet, but you can protect yourself from giving your information to people who are not who they say they are.

If you think you may have been a victim of phishing, contact your credit card companies and bank immediately and have a fraud alert placed on your accounts. If you're unsure how to do this, contact the Federal Trade Commission's ID Theft Clearinghouse (877-438-4338).


© Copyright HomeAway, Inc. 2011


Comments (1)

Not a member?

JOIN THE COMMUNITY

Register Now