Evidence of the latest threat to the Canadian retail travel sector is probably right in your own wallet. It’s your Costco membership card.
GENEVA — IATA has sent out a warning to travel agents to be on the lookout for scam emails from fraudsters impersonating IATA staff or misusing the IATA logo and name.
IATA has updated its ‘Fraudulent Emails Warning’ PDF with new examples of the different techniques used by fraudsters and suggestions to better protect your organization from fraud. The PDF can be downloaded at iata.org/Documents/Fraud-Prevention/Fraudulent-emails-warning.pdf.
Fraudsters contact users of IATA products and services by email or telephone, under false names (sometimes misusing IATA employee names) seeking payment for products or services and/or claiming payments for outstanding amounts due.
Fraudsters use email addresses similar to an IATA email address but using different domain names such as @gmail.com or @iattafinance.org. Email accounts are often masked so that emails appear to have been sent from a genuine IATA address with the @iata.org domain name, while their reply-to domain name is different, e.g. email@example.com replies to firstname.lastname@example.org.
Forged documents sometimes display the IATA logo or include links to a fake website.
Examples of fraudulent emails:
Examples of fraudulent invoices with false banking information:
Examples of fraudulent letters:
Example of a fraudulent prize certificate:
Users of IATA products and services should always be wary of requests to update bank account information, says IATA. “If you doubt the authenticity of communications purporting to be from IATA, whether those communications request payment or not, please do not respond and notify IATA immediately at email@example.com.”
IATA says it’s also seeing a rise in the number of fraudsters calling travel agents on the phone and impersonating IATA staff. “This attempt at fraud is increasing. Although telephone numbers may seem correct based on location, please remember that with Internet phones, the fraudster can call from anywhere.”
IATA has a few tips for travel agencies looking to protect themselves from fraud:
For more details see iata.org/Documents/Fraud-Prevention/Fraudulent-emails-warning.pdf.