A serial fraudster is targeting corporate travel agents with a scheme in which he impersonates a real corporate executive to order tickets for his own customers.

Agents contacted by ARC advised that the fraudster appears quite knowledgeable about the corporation and often tricks a corporate employee into introducing him by phone or email to their corporate travel agent. Thus, the travel agent believes they are dealing with a legitimate corporate customer placing legitimate ticket orders, but it is all a ruse.

The fraudster conducts internet research on these corporations to appear legitimate. Then, he employs “social engineering” skills to gain trust.

Characteristics of this fraudster:

  1. Insists upon receiving the GDS and Airline Record Locators over the phone.
  2. Itineraries are emailed to a legitimate, though generic, email address at the corporation (e.g. info@xyzcorporation.com or sales@abccompany.com).
  3. All itineraries are for international travel.
  4. Same-day or next-day departures.
  5. Insists on working with the same agent each time he calls. He may hang up if another agent picks up the phone, but then, he immediately calls again.
  6. Calls are placed using VOIP (Voice Over Internet Protocol) telephone numbers.
  7. Tickets paid with the existing corporate account; fraudster does not have to use his own compromised credit cards.
  8. May refer to a Cost Center Code or Purchase Order Number for the corporation to further his appearance of legitimacy.

What agents can do:

  1. Recognize where your corporate clients travel to/from and flag tickets with characteristics outside that pattern.
  2. Verify referrals with the corporate client when expected travel patterns change.
  3. Verify the telephone number used by the caller with someone at the corporate client.
  4. Trust but verify.

If agents believe they have had interactions with this fraudster fitting this profile, please contact ARC’s Fraud Prevention at 855-358-0393 or email fifp@arccorp.com.