Holiday Fraud Season Picks Up, and Travel Advisors Need to be Wary

by Richard D’Ambrosio
Holiday Fraud Season Picks Up, and Travel Advisors Need to be Wary

Agents report a seasonal increase in email and social media fraud campaigns designed to hack hard drives and bank accounts. Photo: Shutterstock


While travel advisors are typically trying to protect their clients from online fraud, they frequently are the target of hackers, too. This holiday season, agents say they are seeing an uptick in campaigns to access their hard drives and their bank accounts.

On Cyber Monday, the Long Island chapter of the American Society of Travel Advisors posted on its Facebook page a warning: “Watch out for scams! I just received an email from Square about a $980 refund being made to a non-existent customer with a link to view. Not only don’t I use Square, but I have no customer that has booked with me that would be getting a refund.”

Square is a company that provides credit card acceptance to a wide range of entrepreneurs. The post was written by LI ASTA chapter member Helen Prochilo, who owns Promal Vacations. She reported that right after the fake Square email, she received one from Stripe with a Square invoice attached.

“The first thing I do when I see an email like this is check who sent it,” Prochilo said. The Square email was from wisdomdread1.yahoo.com@ccsend.com, she said. “When I see something like that, I delete.”

The email very likely was a phishing scam. Phishing is an attempt to collect personal and/or financial information over email, phone, or via text message. Via email, the fraudster likely will direct the recipient to enter personal information in a form at a fake website.

On its website, Square reports that “Square will never ask you to provide sensitive information such as your username, password, social security number, full bank account details, or payment card information over email, phone, or text message.

“If you receive a suspicious email regarding Square, don’t reply to the message, select any links, or open any attachments. Please forward it to spoof@squareup.com to report the incident. Do not include any other information in the email you forward. The appropriate team will investigate and take action if needed.”

The Square scam has been around for years. In a June 2018 website post, the Better Business Bureau (BBB) said scammers are taking advantage of Square’s popularity “by sending phishing emails that appear to be official correspondence.”

The BBB said there are several different versions of the phishing scam, “but they all use the Square logo and seem legitimate. In one common version, the message claims that you accepted a payment and provides credit card details. In another, a client has allegedly requested a refund and funds are being removed from your account. Both messages urge you to click a link and ‘View Full Payment/Refund Details’ or ‘Deposit Now.’”

“Whatever you do, don’t click the links,” the BBB said. “They can download malware to your computer that can acquire your usernames, passwords and even sensitive personal information, such as your credit card number.”

The BBB is asking recipients to report their experience on the BBB Scam Tracker.

On its website, merchant credit card acceptance company Stripe warned business owners that “Stripe emails will come from the “stripe.com” or "e.stripe.com" domains, and you can always reply directly to the message to get in touch with us.”

Stripe also cautioned entrepreneurs to “only type your password into a website after confirming that it is the website you want, not one that was created to look like Stripe,” to “check the domain name for typos (such as “stirpe.com”),” and “check for our Extended Validation Certificate” (which usually looks like a green lock next to the Stripe URL).

Fake banks, and Amazon, too
Agents all over the U.S. reported seeing similar emails recently, and other fraud attempts, including some perennial Facebook Messenger scams.

“It’s not just Square. I received an email from Chase recently, supposedly about a wire transfer to my account, even though I don’t bank with Chase,” said Loulu Lima, owner of Book Here, Give Here, a home-based agency in Austin, Texas.

“It had Chase logos, and even a warning that ‘if you think this email is fake, call this number.’ It looked really authentic,” Lima said. She opened the email on her iPhone and when she swiped up, it appeared to try to forward the email to all of Lima’s contacts. She immediately deleted it and closed any open windows on her iPhone.

Another popular scam Lima has seen recently is from suppliers she doesn’t work with, claiming they are ready to pay her, and attaching a document designed to look like a purchase order.

Her webmail didn’t mark a recent email like this as spam, and also didn’t recognize one of the attachments, with an “.rar” extension, marking it simply with a question mark. “You never click on attachments,” Lima said, “because that could initiate a file downloading on to your device, potentially with malware.”

The Kaspersky computer security company lists .zip files and .rar files as two of the most widely used by online scammers.

Marguerite McMahon, a travel advisor based in Australia, posted on Facebook recently asking friends to not send her videos, chain letters, greetings or holiday games through Facebook messenger, as she has found many of them spread viruses, and initiate a hack on their Facebook accounts.

Valerie Delzer, owner of Travalerie, in Irving, Texas, said she recently saw a Facebook messenger scam that imitates coming from a Facebook friend, with “what appears to be a blacked-out image with the words ‘I think you appear in this video. Look at it is it you?’”

Clicking on the attachment “sends you to log into your Facebook account which tells me they're trying to capture login information,” Delzer said.

Other Better Business Bureau tips to protect yourself from online scammers include:

Verify the secure Square URL. Always double-check that you are on the official Square website and that you have a secure connection before you login. How can you tell? Your browser should say https://squareup.com/login and the locked Square, Inc. icon should populate next to this web address.

Be on the lookout for red flags. Typos and grammatical errors, as well as unfamiliar email addresses and scare tactics are all signs of a phishing scam.

Protect your personal information. Never share your credit card numbers, Social Security number or even address and phone number with a stranger, especially if they have contacted you unsolicited.

  1
  0
Tip of the Day

“I do not consider myself a good sales person because my focus is on service. I care much more about the wellbeing and happiness of whomever I am assisting than I do about income. I will be here when they are ready.”

Matthew Gray

AAA Oregon

Daily Top List
Brought To You By

Best Places to Camp in the Most Popular National Parks

1. Elkmont Campground, Great Smoky Mountains National Park
2. Mather Campground, Grand Canyon National Park 
3. Moraine Park Campground, Rocky Mountain National Park 
4. Watchman Campground, Zion National Park 
5. Tuolumne Meadows Campground, Yosemite National Park 

Source: Travel and Leisure

Previous Daily Top List
TMR Recommendations
Top Stories
ASTA Looks to Secure COVID-19 Relief with the Help of Advisors
ASTA Looks to Secure COVID-19 Relief with the Help of Advisors

Congress is in the early stages of putting together the next big stimulus package, which is expected to be complete by early August, and ASTA is again making a push for the travel trade. 

 Read...
Video: Tips for Making the Most Out of Social Media
Video: Tips for Making the Most Out of Social Media

Amy Leon, leisure and luxury specialist and owner of Adventures by Amy, shares tips on how to grow your business through social media.

 Read...
Five Strategies for Ensuring Success During Unprecedented Times
Five Strategies for Ensuring Success During Unprecedented Times

Executives share tips that you can implement today to help your business not only survive but thrive.

 Read...
To Get Travelers Traveling Again, The Industry Needs Travel Advisors
To Get Travelers Traveling Again, The Industry Needs Travel Advisors

With fam trips scarce to non-existent, advisors are taking their own initiative to start traveling again, to educate clients and promote their favorite suppliers and destinations.

 Read...
How Can Travel Agencies Make the Best Out of Hiring New Talent?
How Can Travel Agencies Make the Best Out of Hiring New Talent?

In TMR's 7th MasterAdvisor session, Kerry Dyer, the vice president of talent development at Brownell Travel, joined Daniel McCarthy to talk about how travel agencies can hire ICs and what other positions might be a better fit for some agencies

 Read...
Proposed Travel Tax Credit Gets Support from ASTA
Proposed Travel Tax Credit Gets Support from ASTA

The bill would provide a $4,000 travel credit for individuals who spend money on lodging, entertainment, and other expenses related to travel in the United States and its territories.

 Read...
News Briefs
TMR Outlooks
Distribution Outlook
Polar Outlook
Alaska Outlook
View All
Advertiser's Voice
https://img.youtube.com/vi/oHEjXP8-lho/0.jpg
Video: Tips for Making the Most Out of Social Media