Have received several phishing enquiries over the last 24 hours, with the scammers using HA/OD templates:
Reservation request
Someone wants to stay at your holiday home
You have received a reservation request for property.
You have 24 hours from the time the request was initiated to review, edit, or accept the request. After this time, if you have not responded to the request, it will be automatically declined for you.
Accept
Decline
Please review the details below.
Property
Unit 11249
Reservation ID HA-77VQ75
Dates Jan 18 - 25, 2017 , 7 nights
Guests 2 adults, 1 children
Holidaymaker name Alice
Holidaymaker Message
Hi,
I have initiated the booking with ownersdirect/homeaway. Your property is lovely and we wish to book it for 1 week starting tomorrow.
Can you contact me my personal e-mail companygroup@ssl-mail.com
Regards
Alice
Respond in your dashboard
and this morning:
Reservation request
Someone wants to stay at your holiday home
You have received a reservation request for property.
You have 24 hours from the time the request was initiated to review, edit, or accept the request. After this time, if you have not responded to the request, it will be automatically declined for you.
Accept
Decline
Please review the details below.
Property
Unit 11249
Reservation ID HA-77VQ75
Dates Jan 20 - 27, 2017 , 7 nights
Guests 2 adults, 1 children
Holidaymaker name Martin
Holidaymaker Message
Hi,
I have initiated the booking with ownersdirect/homeaway. Your property is lovely and we wish to book it for 1 week starting tomorrow.
Regards
Martin
AngloDutch, the first one appears to be an email address phishing attempt, but both are sinister requiring you to click a button ('Accept' or 'Decline') and don't delay, because the second one wants to arrive tomorrow.
I can see some owners falling for either of these scams and they are dangerous because they are plausible. Hovering the mouse over the sender's 'email address' which is shown should reveal the truth.
We received a genuine OD booking request just before the second one came in, so these emails keep you on your toes.
You have to scrutinize every single enquiry, but these can easily be noticed when coming through HA group because the listing number is not accurate. They have also started using photos - actually the main photo of someone's property - but of course it can be seen in a second that it has nothing to do with ours.
I had the same one from 'Martin' and for once it did not go to spam but into my inbox which made me hesitate slightly before hitting 'delete'. However as my calendar on OD has been blanked out as unavailable for the whole of 2017 I knew it was a wrong 'un and didn't even open it. All these damaging and unwelcome changes to the management of listings and enquiries and payments which the likes of HA insist with a straight face are in the interests of owner and guest security but seemingly no reduction in scamming/phishing.
joan wrote:I have been hacked twice now and both on VRBO-HOMEAWAY....
Almost all of these scummy hack/phish/scam attempts require you yourself to respond, click a moody link or enter information. So if there's any shred of doubt, don't. Personal vigilance is your best friend. Welcome.
This time next year Rodney, we'll be millionaires.
joan wrote:I have been hacked twice now and both on VRBO-HOMEAWAY....
Welcome to LMH joan The only way they can hack you is if you respond directly to the fake email. To avoid this always log into your account independently and check your dashboard/inbox. You will not find the fake enquiry there because it's bogus. Never click to log in via the email itself.