How Holiday Booking Scams Work
In the last few years, holidaymakers have been duped out of thousands of pounds following the rise of travel cyber scams. Fraudsters have taken to posing as legitimate holiday property owners and tricking innocent people into handing over their hard-earned cash.
Action Fraud reported that in 2015 a whopping £11.5 was stolen by online scammers. A massive 425% increase from £2.2 million in 2014. It’s estimated the average person is conned out of £3,000 which has led to ill-health for almost half of the victims.
How Do They Do It?
Catching onto these cyber criminals has proven difficult due to the smart and efficient methods that trick holidaymakers. Property rental scammers work in one of three ways.
The Fake Website
Typically, scammers create legitimate-looking websites by copying descriptions and stealing images of luxury villas from genuine holiday rental sites. They even go as far as posting fake photos of their ‘customer service staff’ by stealing photos of doctors and company executives.
In a bid to ensure their website gets exposure, con-artist pay for pay-per-click ads. This allows their website to feature at the top of the search engine. The high-rank on Google often indicates a legit website. For the most part, they are, but some fake websites do pass Googles security checks.
To entice travellers to book, scammers offer a discount if the payment is made in full and within 24 hours by bank transfer. These worthless bookings also guarantee refunds in the event someone cancels which further hooks them in. Given the urgency to secure the booking at a discounted rate, holidaymakers tend to rush into booking without thinking it through.
Once a booking has been placed professional-looking contracts are issued. Combined, these tactics make it hard for holidaymakers to know they have been scammed.
When travellers realise they’ve been scammed
Holidaymakers find that once a payment is made by bank transfer all communication ceases. Emails aren’t answered and no further information on the booking or arrival details are sent. Which is usually when they realise they’ve been scammed.
For others, it’s only when they head to the accommodation, suitcases in hand, they discover that:
- The property doesn’t exist
- That it’s been rented out via the legitimate owner to other holidaymakers or
- They have been conned
Getting money back
Unfortunately, the likeliness of getting the money back that was sent via bank transfer, is slim. Scammers use bank accounts that are set up with fake details i.e. name, address, D.O.B etc. These accounts can be easily shut down once the bank is alerted. But usually, the money is immediately withdrawn by the scammers and it’s too late to recover the cash.
Once the money is gone, it’s gone. Banks and specialist fraud teams find it extremely difficult to locate the culprit. Ultimately meaning scammers get away with it and the victims lose out.
Victims who were duped by fake websites
French tourist Florian Coulan was conned out of £1,400 after booking a holiday rental in Dublin for him and his friends. As it turned out, the house wasn’t even a holiday rental. The con-artist had pretended the property was theirs to rent, advertising it on a fake website. This left Florian and his friends stranded in a foreign country. Luckily, the resident house-sitting the property hosted the group for the night and helped find alternative accommodation for them.
Although Florian found a place to stay he was unable to contact the property “owner” the Irish Times reported.
This Is Money reported that holidaymaker, Kellie Butterworth was robbed of £1,994 after booking a Tenerife Villa. The eight-day stay was supposed to be a relaxing getaway to celebrate her mother’s 70th birthday however this did not pan out.
Only six weeks after making the booking, the website was removed and closed-down. The bank account that Kellie sent the money to, also closed and later deemed as a fraudulent account. Kellie never got her money back.
Phishing – Hacking The Property Owners Account
Phishing is another tactic where con-artists hack email accounts of holiday homeowners who let out their properties on popular holiday rental websites.
The scammer intercepts booking emails before they reach the real holiday rental owner, then impersonate them. They use the listing sites official logo in correspondence and an authentic looking email address to cunningly convincing the victims that everything is legitimate.
Fraudsters then lure holidaymakers away from the booking sites official messaging and payment system by saying they are faulty. Once communication is via the scammers’ personal email, holidaymakers are convinced to pay directly by bank transfer to secure the booking.
Again, once payment is made, communication ceases and the victim discovers they have been scammed and the fraudster has vanished with their cash.
This Is Money reported that an eighty-six-year-old man was conned out of thousands after con-artists posed as a holiday rental owner. Charlotte Gilmour booked a trip to Majorca on request of her father who wanted to treat his family. He shelled out over £5,000 plus £1,400 for flights only to realise it was a sham. Con-artists hacked the identity of the legitimate owner and convinced Charlotte and her father to pay via bank transfer.
Since this payment wasn’t made through the official website’s platform, it wasn’t protected by their secure systems.
This Is Money further reported about retired recreation manager, David Reed lost €1000 after placing a booking. David was desperate to find accommodation that would house ten guests for a wedding in Amsterdam.
Due to the large party, David had to look around and eventually found a 12-bedroomed apartment in the centre of Amsterdam. The link to the property looked legit and the invoice even had the rental sites official logo on.
David later found the money had gone to an account in Italy. It was immediately withdrawn and therefore couldn’t be retrieved by the banks.
Similarly, Guy and Lisa Jones lost €3000 after booking a villa in Ibiza for themselves and their friends. Again, the booking site was compromised, and the con-artist cleverly managed to convince them to pay via a bank transfer.
The couple were only alerted to the scam when they came to show their friends the apartment. The property was no longer listed and the “property owner” ignored all forms of contact. Again, a bank transfer was made, and the money couldn’t be returned.
The third method criminals use is by placing fake adverts on holiday rental websites by slipping through the sites security checks. Again, they lure holidaymakers away from the official sites message and payment systems to ensure travellers pay by bank transfer – then they vanish with the money.
George Hayward was caught out by this method after booking a trip for himself and five friends to Amsterdam. George paid £1,100 via a bank transfer at the request of the owner. However, two weeks later he received an email saying the booking had been cancelled and a refund would be given. This did not happen and due to George messaging and paying outside of the rental website he wasn’t eligible for a refund. Reports by This Is Money.
The scammers are highly adept at luring holidaymakers from the official messaging and payment systems. This way they can receive a direct payment that is untraceable, once it’s been removed from the account. From there they vanish and cease all communication.
And that is how easy a holiday rental scam is. A fake ad, fake website, fake owner, fake email address, fake bank account, a ‘pay as you go’ phone enables scam artists to quickly withdraw the money and cut communication before holidaymakers are aware they’ve been conned. It’s scary how simple and effective con-artists can be and what little protection there is for consumers.
From the research conducted we found that many scams are taken place on notable holiday rental websites. While they have security systems in place to prevent fake profiles, many still slip through the net.
There have been multiple reports where emails have been intercepted and bogus bookings have been taken. Many holidaymakers have been tricked into making direct payments via a bank transfer.
Sadly, in such cases, the rental portals refuse to issue a refund. Such sites stipulate that bookings and payments must be securely done through their websites.
Such discrepancies led to an investigation by Which?, who found that one of the fastest growing holiday rental websites took two weeks to shut down a scam account that they had purposely created. Which? had even reported the fake profile on the website but still, nothing was done about it for two whole weeks, during which time a “real” fraudster could have scammed several people.
Shutting The Scammers Down
Due to the monumental increase in holiday rental scams, Get Safe Online and the London Police have teamed up in a bid to end the online scams. They have stressed that holidaymakers should be vigilant and thoroughly research the homeowner and property before making a payment.
For more information, read our tips on how to avoid a holiday rental scam.
Vacation Rental sites such as OwnersDirect, HomeAway and Airbnb are also upping their security. They’ve integrated algorithms into their sites to analyse duplicate images and descriptions. Listings are also vetted for personal contact details included in listings. Ultimately, limiting contact to their website messaging platform.
The site carries out over 300 checks to identify fake listings and searches the internet to see if photos are duplicates. Along with this, any logins from an unexpected device is investigated with a request to provide additional verification. Owners are also alerted by text message if any alternations are made to the account. This is to ensure it is the owner accessing the account.
HomeAway has sophisticated security measures to prevent fraudulent listings and activity, including requesting documentation and ID. It also requires users to use a two-step verification to reduce account takeover.
Protect Your Payment
Although such websites do have systems in place, that doesn’t mean fraudulent activity doesn’t happen.
If a listing is fake or a hosts account is hacked, and a payment is processed outside of the websites secure payment platform, that money is not protected. Under the sites rules, each payment and booking must be processed through their system.
When booking via a website, it’s better to be vigilant and wary of any transaction before committing to a payment. Paying by credit card is the safest option.
By knowing the risks, the signs and the effect on others you may be able to avoid such heartache!