A Checklist for Foiling the Fraudsters
by Michele McDonald /Your new best customer could ruin you.
The manager of a company calls and says he is looking for a new travel agency. You verify that the company exists. You check out its website and find that it has a polished, professional look.
It’s for real.
The bookings start coming in. Things are looking good. This is high-end stuff – lots of international travel.
A month goes by and reality hits: The credit card number was stolen. The approval code you got doesn’t protect you. You’ve been burned by a very accomplished crook.
No dummies
But wait, you say. The address information and the CVV code – the three-digit code on the back of the card – were correct. How did this guy get past all that?
Today’s fraudsters are no dummies, according to Jennifer Watkins, senior manager of credit card services and fraud prevention at the Airlines Reporting Corp. (ARC)
Address verification? “The bad guys have that data,” Watkins said. CVV code? “It’s one of the most highly compromised pieces of data,” she added.
But Watkins stressed that agents should still collect that data – and as much other data as they can – because the best weapon against a fraudster is having the most complete picture possible. Every bit of information helps, with both ARC and law enforcement.
Red flags
ARC has developed a list of red flags for card-not-present transactions, such as bookings made over the phone or unsecured online transactions.
The red flag list is currently on ARC’s website behind the “My ARC” wall, which requires a user name and password, but ARC plans to bring it to the front of the site to encourage more agents to use it.
“We want to reach individual agents and make it more accessible,” said Watkins.
Reduce the risk
Agents can lessen their exposure to fraud by “collecting as much information as they can and seeing how many red flags they are hitting,” Watkins said.
Low-risk customers have telephone numbers in the same general area as the agency. They travel from the local airport. The passenger is the cardholder and shows up at the agency with the card and a valid signature.
Medium-risk customers are difficult to identify, but one factor may be that the requested travel date is less than one month after the date of issue.
High-risk indicators
Here are key items that may identify high-risk customers:
• Caller ID identifies the caller as out of the area or shows no information.
• The passenger is not the cardholder.
• The initial contact with the agency is made via email, website or TTY service for the hearing-impaired.
• The credit card, driver’s license and passport images are faxed or emailed, and the customer is never present in the agency.
• One credit card is used to purchase several tickets with different routings, travel dates and passengers’ last names.
• The customer may use a religious title or organization or pretend to be a member of a respected profession (a doctor, for example) to gain credibility.
• Email requests contain spelling errors.
• The customer uses airport codes instead of city names in emails.
• The email address is from a free service such as Yahoo or Hotmail.
• The customer provides a fictitious address and telephone number.
• The customer is not concerned with the price or the service fee.
• The customer requests last-minute travel.
• The travel schedule is very flexible.
• The customer can be contacted only by a cell phone numbere that has a different area code.
To learn more
Watkins will share more fraud-prevention advice for agents at Travel MarketPlace, the June 26 to 27 educational conference in Toronto. The conference is co-hosted by Travel Market Report.