The 2024 Fraud Trends & Key Takeaways webinar, presented by Cornelius Hattingh and Doug Nass on November 13, 2024, offered a deep dive into the evolving fraud landscape. The session highlighted emerging threats such as phishing attacks in corporate booking tools, NDC-related impersonation risks and the growing impact of AI-powered deepfakes on travel agencies and the industry. Here’s a recap of the key insights to help your agency stay ahead of these sophisticated schemes.

Watch the full video below, or use the links to jump to specific parts of the discussion.

2:56: Learn about the most common cyber threats targeting travel agencies, including phishing, ransomware attacks, website spoofing and impersonation scams. This section also covers tactics like fake travel packages, fraudulent partnerships and sophisticated phishing emails designed to bypass scrutiny. Discover how these threats can lead to financial losses, system breaches and reputational damage.

10:35: See examples of two of the most recent phishing emails sent to the travel agency community.

15:02:Explore critical cybersecurity best practices designed to protect your agency from fraud and data breaches. These include implementing multifactor authentication (MFA), investing in advanced cybersecurity measures and carefully vetting vendors and partners. Learn about enforcing least privileged access, disabling ticketing during off-hours and establishing strong client verification processes for high-risk transactions.

21:53: Discover how to protect your business from emerging fraud trends like agency impersonation and other deceptive practices. Learn how scammers exploit legitimate travel agencies’ credentials to access systems and other impersonation tactics, such as misleading customers through fake websites or excessive charges. Gain insights to safeguard your operations and uphold your brand integrity.

25:25: Uncover best practices for preventing fraud and ensuring secure airline onboarding in the NDC landscape. Hear how tools like ARC Check API and the Carrier Dashboard can validate agency authenticity, including owner identity and contact details. Discover the importance of MFA and signed consent to add layers of security to your onboarding process. Strengthen your defenses against other fraud types by safeguarding ARC numbers and regularly monitoring for unauthorized use of your business credentials.

28:15: Learn about emerging threats like deepfake-enhanced phishing and their potentially devastating impact on businesses. Understand how fraudsters use real-time audio deepfakes to impersonate company personnel, tricking employees into revealing sensitive information or granting system access. Explore the risks of ransom and blackmail attacks, where manipulated media targets organizations and individuals. Protect your operations from data exposure, system compromise, and severe financial and reputational damage.

At minute 29 of the webinar, the video shown during the live session did not appear in the recording, you can watch it below.

30:46: Discover best practices to combat the growing threat of AI-driven deepfake fraud. Implement layered authentication by combining methods like biometrics and manual verification for high-value transactions. Strengthen your defenses with secure communication channels and stay vigilant for signs of deepfakes, such as unnatural movements, irregular speech patterns, or inconsistent lighting. Explore advanced detection tools and maintain updated policies to prepare your team with clear protocols and strategies for addressing potential fraud attempts.

33:36: Explore the tactics and impacts of social engineering and credit card-not-present fraud. Learn how impersonation, obfuscation and first-party misuse enable fraudsters to exploit businesses, creating financial and operational challenges. Understand the potential impacts, from revenue loss and excessive chargeback fees to card network penalties and reputational damage. Discover strategies to recognize and prevent these deceptive practices to protect your business.

37:10: Learn best practices to safeguard against online fraud, including social engineering and card-not-present scams. Strengthen client verification processes for high-risk bookings and adopt secure payment platforms with advanced protections like 3D Secure protocols. Train your staff to detect phishing attempts and use tools like Address Verification Services (AVS) to validate payment details. Monitor for red flags, such as last-minute, high-value bookings and ensure clear terms and conditions are in place to protect your business from disputes and fraudulent activities.

41:49: The presenters address audience questions and share valuable resources for the remainder of the webinar.

ARC’s revenue integrity team is here to provide fraud-related support. If you suspect you have been a victim of fraud, contact ARC immediately by calling 855-358-0393 or emailing  stopfraud@arccorp.com. We also offer after-hours and weekend support. 

Visit the ARC website for information on unauthorized ticketing and additional fraud schemes targeting the agency community. Please view our  Cybersecurity Guide and on-demand webinars for additional resources.