Effective with sales issued on Monday, June 10, 2024 (PED 06/16/24), Star Peru (2I/156) will begin accepting Diners Club, Discover JCB, Mastercard and Visa as forms of payment through ARC.
Effective with sales issued on Monday, June 10, 2024 (PED 06/16/24), Myanmar Airways International Company Limited (8M/599) will begin accepting Mastercard and Visa as forms of payment through ARC.
Fraudsters set up the domain Galileogdshelpdesk.com on June 2, 2024, and began sending phishing emails on June 3.
Please review the fraudulent email example below to familiarize yourself with typical signs of suspicious requests, including grammar and spelling errors, and a sense of urgency. In this case, the fraudster copied the Galileo name and trademark.
GDS providers will never ask agents to log into their system through a link in an email. Always log into your GDS through bookmarks in your browser, not through an email link.
Visit the ARC website for more information on unauthorized ticketing and additional fraud schemes targeting the agency community. Please view our Cybersecurity Guide and on-demand webinars for additional resources.
ARC’s revenue integrity team is here for fraud-related support. If you suspect you have been a victim of fraud, contact ARC immediately by calling 855-358-0393 or emailing stopfraud@arccorp.com. We also offer after-hours and weekend support.
Over the past year, fraud cases increased throughout the travel industry and affected travel agencies at an alarmingly high rate. At ARC, we aim to ensure you have the knowledge necessary to protect yourself from these latest fraud schemes.
Due to these growing fraud concerns and to comply with the new Payment Card Industry (PCI) 4.0 requirements, ARC will require your adoption of Multifactor Authentication (MFA) if provided by your technology provider (e.g., aggregator, GDS). These provisions are countermeasures against social engineering and phishing attacks intended to collect valid credentials from unsuspecting users for fraudulent purposes.
The two ways to satisfy the MFA requirement are:
-
Use a combination of two or more authentication factors as the system provider requires.
-
Use a Single Sign-on Service (SSO) concurrently with MFA internally in place. With this option, the user gains access through a federated identity management arrangement requiring two or more authentication factors.
These updated security recommendations are to protect you and your airline partners from the growing sophistication of cyber criminals’ attempts to gain unauthorized access to agency ticketing tools.
Please contact your technology providers for any questions relating to their MFA requirements.
What is PCI? The Payment Card Industry Data Security Standard (PCI DSS) version 4.0 is a compliance framework intended for entities that store, process or transmit payment account data, entities accepting or processing payment transactions, and for developers and manufacturers of software and devices used in those transactions. The PCI DSS compliance framework comprises a baseline of technical and operational requirements designed to protect cardholder data.
You may see an “Inaccessible Sales Report” error message when authorizing and submitting your weekly sales report.
Do not be alarmed if you receive this message; there is nothing wrong with your report.
To authorize and submit your sales report, close Interactive Agent Reporting (IAR) using the “Close IAR” link in the upper right-hand corner of the IAR sales report screen and then open IAR again.