ARC is warning travel agents to watch incoming emails carefully for signs of fraud in the wake of a spike in unauthorized ticketing.
In particular, agents should never click on a link in an email that looks suspicious, asks for agency credentials, or requires the agent to “update your information.”
$1 million in fraud
From August to November, 82 incidents were reported, comprising 73% of all the cases reported so far this year. Only 18 incidents were reported in 2010.
More than $1 million in fraudulent tickets have been issued in 2011.
Fraudsters more sophisticated
Chuck Fischer, director of operations integrity at ARC, said phishing emails – those that pretend to be from a trusted source – have become harder to spot.
“They’ve gone from being very crude and poorly written with misspellings to very sophisticated, branded with the GDS logo and with company officers’ names attached,” he said.
In addition, they have developed “spear phishing” techniques, in which the agent is addressed by name, ARC said.
Once fraudsters gain access to an agent’s GDS credentials, they can issue tickets at will until they are caught.
Fischer said the bogus payment methods are “a mixed bag.” Traditionally, the method of choice was compromised credit cards, “but more recently we’ve seen a shift toward cash,” he said.
Fraud patterns changing
“Patterns are shifting,” Fischer said. “A lot of this stuff used to happen on weekends, but now it’s occurring more often, and it’s harder to nail it down.”
Many of the tickets that are fraudulently issued are for travel in and out of countries on the west coast of Africa, he said.
Prevention tips for agents
Fischer urged agents to check frequently to see what has been ticketed at their agencies. Ideally, he said, agents should check several times a day. In no case should an agent let that task go until the end of the week.
In addition to maintaining vigilance regarding phishing emails, agents should take the following steps, according to Fischer: change their GDS passwords frequently; run antivirus and malware software, and “constantly remind the staff” to be on the alert for fraudulent emails.