Fraud Warnings

Wed, 12 Dec 2012 15:16:14 GMT

1. This is a story of 9 continuous fraud attempts to an ACTA members agency by the same person on SIRRVA.

The booking attempts were all for a one way air seat YUL-YEG for the next day and it is suspected the bookings failed because the agency (in YVR) set their Control Centre in SIRRVA not to accept bookings within 3 or 4 days prior to departure (As recommended).

We asked the travel fraud experts at Perseuss if they would run a report. Here is what they found:

There were plenty of fraud matches on the same person trying to book 9 times. The fraud attempt came out of Montreal and has been very active with attempts at fraudulent bookings. Perseuss found 12 matching results for similar email addresses in the past 4 months and warn to be cautious of any booking coming through with an email address containing the word "daoust" anywhere within.

Most of these attempts were within the past 2 weeks and it looks like the fraudster operates out of Montreal as all flights go in and out of there. Also all IP addresses are in Montreal on a Bell Canada DSL network.

We hope other agencies are just as vigilant at monitoring fraudulent booking attempt and report them right away.

2. One of the more recent reports comes from a member agency who received an email from IATA Finance requesting payment of an invoice. Having no outstanding payments to IATA our member wanted to confirm its authenticity and contacted IATA right away. It was concluded that the email was not authentic and an attempt at fraud.

IATA's response:

"Please don't answer as this is a fraudulant e-mail.

Should you require further assistance on this matter, please do not hesitate in contacting us at any time by replying to this message.
Otherwise, this case will be considered closed. If you have a new inquiry that is not related to this case, please submit it through our customer service web portal for the Americas at:"

<< http://www.iata.org/customer-portal/Pages/ContactUs.aspx >>

With fraud attempts traditionally most prevalent towards airlines we have started to see some of the focus shift to travel agencies. We have heard cases of booking engine passwords being shared amongst agencies servicing corporate clients, in some cases the corporate clients themselves. ACTA recommends as a best practice to keep your username's and passwords private.

Be alert. Airlines have started investing in fraud protection tools and seeing great success. The fraudsters will be looking for alternatives.

3. The fraudster who sent the email to the booking agent was claiming to be from a medical foundation providing care to AIDS/HIV victims and wanted to book travel arrangements for the medical team in Massachusetts. After some investigation, it was discovered that the person was posing as a member of a legitimate organization and had no connection to the foundation. After alerting the foundation, it was determined that this was not a one-time occurrence and the foundation decided to pursue the fraudster in order to shut them down.

10 Tips to avoid fraudulent bookings

Thu, 15 Nov 2012 14:31:50 GMT

10. Address verses routing:Is the address of the person booking related to the cities on the itinerary? If the person's address is in the USA and they are travelling from Dubai to Bangkok then you should be suspicious of fraudulent activity.

9. Email Type: Is the email from a legitimate company or not. Emails from hotmail, gmail or yahoo have higher chances of being fraudulent than emails that are of popular companies like cbc, nortel or rogers. Fraudsters don't generally use company emails as they can be easily tracked down.

8. Passport Copy: Does the name on the passport match the name of the traveller exactly. Sometimes fraudsters get lazy and don't make sure the documents match up.

7. Past Client: Is the person booking a past client. Do you have a long history with them. New customers who you have been booking for less than 6 to 12 months should be considered new and additional caution should be given.

6. Credit Card Signatures: If you are requesting credit card copies and signatures by fax or email look carefully. Sometimes fraudsters will omit the signature and only forward the information.

5. Compare IP Address and Travel Cities: If you accept online bookings record the IP address. Compare the location of the IP address and see how far away it is to the departure or arrival city of the travel itinerary. If they are far apart you have a higher likelihood of fraud.

4. Geographic Profiling: Pay close attention to international destination bookings (ie. Africa) or travel originating from overseas. If you do not personally know the individual or have a long term relationship you may want to forgo the booking or request a cash payment.

3. Last Minute Travel: Is the person travelling within 72 hours? Any last minute bookings should be looked at carefully as fraudsters will usually travel at the last minute. Be careful however, with Air Canada and WestJet making free changes for webfare bookings within 24 hours you want to make sure that customers don't call in and change their tickets directly with the airline.

2. Street view: Check the address online with Google Street View. Does the house number show? Does it look like a residence or a business? If you are really concerned, ask them what colour their house is and if it matches without them looking it up, you may be safe.

1. Suspicious names: Pay close attention to bookings for individuals with unusual names or suspicious names (e.g. John Smith). These types of bookings have a higher rate of fraud.

*Perseuss is a platform where over 70 airlines and travel companies worldwide are sharing confirmed fraud data to help prevent Travel Fraud. This data is being offered to ACTA members who are interested in seeing how this essential tool can help their travel agency with their Travel Fraud Prevention efforts. You may register online for the 3 month free trial here or contact Normand Schafer for more information at normand@perseuss.com or 250-884-3434.

If you are interested in a separate paid training course on overall:
"Fraud Prevention Best Practices for Front-line Agents"
Please email: normand@perseuss.com.