ARC has received reports of a fraudulent email solicitation scheme. We’re alerting you about requests for assistance with corporate travel from an alleged oil and gas company whose name does not show up in a Google search but has a similar spelling to an actual company.
Cybercriminals continue to target the agency community through phishing emails, which appear to be from various organizations across all business sectors, including GDSs. These emails entice agents to click on an embedded link and enter their login credentials.
Fraudsters will send phishing emails to entice recipients to select a “sign-in” box and enter their credentials. The sign-in link in these emails is controlled by the fraudster, allowing them to obtain the user’s GDS login credentials.
With passengers returning to the skies in record numbers for the holidays, fraudsters have unfortunately returned as well. Many of the fraud schemes that targeted our industry pre-COVID continue to cause financial losses in the agency community.
ARC has recently been alerted that a phishing email campaign by fraudsters has returned.
ARC recently identified an increase of card-not-present (CNP) fraud. The fraudster claims to be from, or have affiliation with, the local chamber of commerce.
A GDS hacker was recently released from federal custody after serving time for conducting phishing scams. Now is a good time for all agency staff to review fraud prevention and security best practices.
ARC encourages our travel industry partners to review your network security procedures to ensure you’re ready to respond if this occurs at your agency
ARC has developed information that at least two websites from U.S. travel agencies have been spoofed by a fraudster likely operating from Russia.
A serial fraudster is targeting corporate travel agents with a scheme in which
he impersonates a real corporate executive to order tickets.
Recently, ARC became aware of an incident in which an agency experienced unauthorized access to a GDS bridge into a second agency.