Fraud Alert: Corporate Booking Scheme

A serial fraudster is targeting corporate travel agents with a scheme in which he impersonates a real corporate executive to order tickets for his own customers. 

The fraudster appears quite knowledgeable about the corporation and often tricks a corporate employee into introducing him by phone or email to their corporate travel agent. Thus, the travel agent believes they are dealing with a legitimate corporate customer placing legitimate ticket orders.

The fraudster conducts internet research on these corporations to appear legitimate and then, he employs “social engineering” skills to gain trust.

Characteristics of this fraudster:

1. Insists upon receiving the GDS and Airline Record Locators over the phone.

2. Itineraries are emailed to a legitimate, though generic, email address at the corporation (e.g., info@xyzcorporation.com or sales@abccompany.com).

3. All itineraries are for international travel.

4. Same day/next day departures.

5. Insists on working with the same agent each time he calls. He may hang up if another agent picks up the phone, but then, immediately calls again.

6. Calls are placed using VOIP (Voice Over Internet Protocol) telephone numbers.

7. Tickets are paid with the existing corporate account; fraudster does not have to use his own compromised credit cards.

8. May refer to a Cost Center Code or Purchase Order Number for the corporation to further his appearance of legitimacy.

What agents can do:

1. Recognize where your corporate clients travel to/from and flag tickets with characteristics outside that pattern.

2. Verify referrals with the corporate client when expected travel patterns change.

3. Verify the telephone number used by the caller with someone at the corporate client.

4. Trust but verify.

If agents believe they have had interactions with the fraudster fitting this profile, please report it to your local fraud prevention authorities.