GENEVA — IATA has issued a warning about a fraudulent email campaign targeting travel agents in the wake of the coronavirus pandemic.
As if agents don’t have enough to deal with right now, emails asking for ‘COVID-19 caution fees’ are landing in travel agency email inboxes, purportedly sent by ‘firstname.lastname@example.org’.
It’s been going on all month and has become a “substantial phishing campaign”, says IATA in a notice posted on its travel agent portal.
“For the month of April, a substantial phishing campaign targeted many stakeholders, using the fraudulent email ‘email@example.com’,
“Be aware and report any communications from this email. This phishing campaign is requesting the settlement of “COVID-19 caution fees”. Be aware that it is NOT a legitimate request coming from IATA.
At the site IATA has a list of the most common domains used for fraudulent IATA emails. “Please note that IATA never communicates via these domains: @gmx.com, @yahoo.com, @hotmail.com, @iname.com, @accountant.com, @gmail.com, @mail.com, @aol.com, @live.com, @usa.com, or @outlook.com. You should assume all emails sent from those domains and purporting to be from IATA are fraudulent.”
IATA adds that it accepts and appreciates reports of any fraudulent emails, even from domains that are already on the list.
Agents who are unsure whether the email they received is a genuine email sent by IATA can contact fraud.reporting@iata.