Identifying Fraud & You’re Actions Count!

Increase In Travel Related Fraud Attempts

Over the last 60 days we have seen an increase in the number of fraudsters attempting to book travel.

While e-mail is still the preferred method for fraudsters, SMS, WhatsApp, personal email, Facebook,
Instagram, and other methods that cannot be detected by our fraud tools have increased in popularity.

Please remember that it is very easy to photoshop any verification document that you may request, and these
fakes tend to be high quality so you may not be able to tell just by looking at them that they are forgeries
without special forensic tools.

BEST PRACTICES ON FRAUD PREVENTION

What are the signs I should be aware of when someone is attempting to make a
fraudulent booking?
1. It might start with a first call/email to establish trust, a simple booking for a few months in the future.
a. The next call/email will be for an urgent request, after hours or just before holiday weekend.
b. Often the request will be for an international premium booking for the next day.
2. The customer might present himself as an authority figure: a doctor, minister, executive or other.
3. The customer might present urgency for the booking: a death in the family, urgent business deal,
accident, or medical urgency.
4. The customer might seem too familiar with the inner working of the industry, terminology: airport
codes rather than city names or inside knowledge on the company.
5. With regard to corporate bookings the customer may have inside information on the company, its
leadership or employees, or the profiled information they are attempting to use.
6. The credit card provided by the new customer is being declined. Fraudsters will have a large supply of
stolen credit cards ready to use and already photoshopped with the name of the traveler on them.
7. The booking is for travel within 72hrs.
a. The majority of successful fraud bookings that are not detected in time are for travel within
that time frame.

What can I do if I suspect that I am dealing with a fraud attempt?

1. Ask for documents (driver license, credit card & passports) and review carefully.
a. Common with fraud are low-quality picture documents, fuzzy background, misspelling,
unsigned CC, different banks on both sides of the card, missing key information like date of
birth and same picture on all documents.
2. Independently try to verify their identity: Google their information, phone number or domain and try
to confirm if their request is legit and valid.
3. For managed corporate travel, follow the travel policy for booking non-profiled travelers at all times.
a. After-hours services should never be allowed to book non-profiled travelers.

1
 4. Reach out to your agency owner/manager or host agency manager to evaluate the booking request
and documents.
5. AND Remember: “If it doesn’t feel right, pass on the booking and advise your owner/manager of the
situation so others don’t fall prey.”

What if I made the booking and after the fact realize that it was fraud?
1. Advise your senior management at your agency.
2. Document PNR in internal & public fields
3. Void / Refund if possible.
4. Advise airlines so they can document it on their end and change the ticket status to refund.

What is a phishing attempt?

Phishing is an attempt--usually via e-mail--to trick people into revealing sensitive information like usernames
and passwords. The emails pretend to be from a legitimate source, such as an airline or bank and deviously try
to coax recipients into sending sensitive information or directing them towards fraudulent links. Users that
follow these links end up on websites designed purely to steal information. These websites attempt to gain
credentials such as your GDS log in, email account, and banking as well as downloading programs that can
compromise your computer and the entire company database.

What should we be aware of?

1. Do not provide credentials (usernames or passwords). EVER.
2. If you receive an unexpected email from someone you know asking you to purchase gift cards – DON’T
- their email account was compromised.
3. If you receive an unexpected email saying they need to discuss a confidential matter with you via text
message and asks for your cell phone number, do not give it to them – it is a scam.
4. Never let someone remote into your computer unless you initiated the request and are 100% sure they
are who they say they are. Amazon, Microsoft, your bank, etc. will never ask to remote into your
computer.
5. If someone claiming to be from your IT department reaches out to you for remote access or
information, have them verify who they are by asking them to email your work email address from
their work email address.
6. Do not download a program without confirming with IT its validity, or for agents without an IT
department, never download files or click links from an email that you were not expecting.
7. Do not transfer funds without independently confirming the identity and validity of the request.
8. Consult with another colleague or senior manager if you have any doubt.

2
What if a breach occurred?
1. Reach out to Senior management at your agency or host agency immediately.
2. Control: Lock down the account.
3. Contain: Assess the breach of the impacted information:
a. Did the compromised account have special access or privileges that could be used again?
b. Were any changes made to the account, or additional accounts created?
c. Is there a potential of identity theft?
d. Has sensitive information accessed (client credit card information, personal banking, etc.)?
4. There is no such thing as a small fraud attempt.

What can I do to increase security?

1. Never write down/email/fax credit card information or maintain it in an unsecure way.
a. Always secure this information. Treat it as your own.
2. Never store sensitive data in unsecure GDS fields.
3. Never verify back to a client the full CC number or any other information.
4. Change password on your computer frequently.
a. Do not use the same password on multiple sites.
b. Ninety days is a recommended suggestion.
5. Use Multifactor Authentication everywhere it is available. Check with your agency or host agency to
determine what programs are sensitive to secure related client info if you are unsure
6. Make sure you are using a secure website when submitting financial and sensitive information.
a. You can see if a site is secure by seeing https in the address bar versus http.
7. Stop and question if a booking from a new client or existing clients sounds suspicious.

Additional Resources
ARC’s Fraud Prevention Best Practices