A serial fraudster is targeting corporate travel agents with a scheme in which he impersonates a real corporate executive to order tickets for his own customers.
Agents contacted by ARC advised that the fraudster appears quite knowledgeable about the corporation and often tricks a corporate employee into introducing him by phone or email to their corporate travel agent. Thus, the travel agent believes they are dealing with a legitimate corporate customer placing legitimate ticket orders, but it is all a ruse.
The fraudster conducts internet research on these corporations to appear legitimate. Then, he employs “social engineering” skills to gain trust.
Characteristics of this fraudster:
- Insists upon receiving the GDS and Airline Record Locators over the phone.
- Itineraries are emailed to a legitimate, though generic, email address at the corporation (e.g. firstname.lastname@example.org or email@example.com).
- All itineraries are for international travel.
- Same-day or next-day departures.
- Insists on working with the same agent each time he calls. He may hang up if another agent picks up the phone, but then, he immediately calls again.
- Calls are placed using VOIP (Voice Over Internet Protocol) telephone numbers.
- Tickets paid with the existing corporate account; fraudster does not have to use his own compromised credit cards.
- May refer to a Cost Center Code or Purchase Order Number for the corporation to further his appearance of legitimacy.
What agents can do:
- Recognize where your corporate clients travel to/from and flag tickets with characteristics outside that pattern.
- Verify referrals with the corporate client when expected travel patterns change.
- Verify the telephone number used by the caller with someone at the corporate client.
- Trust but verify.
If agents believe they have had interactions with this fraudster fitting this profile, please contact ARC’s Fraud Prevention at 855-358-0393 or email firstname.lastname@example.org.