Cybercriminals continue to target the agency community through phishing emails, which appear to be from various organizations across all business sectors, including GDSs. These emails entice agents to click on an embedded link and enter their login credentials.

No service provider should request login credentials through email. If you receive such a request, it is essential to validate it with your service provider.

Fraudsters can manipulate your reservation systems and cause financial harm to your agency if they compromise your credentials. It is critical to train your staff to avoid entering their login credentials into any links provided in emails and to be vigilant and suspicious of any webpage requesting authorization.

Safeguard your IT environment by implementing policies and procedures such as updating passwords and login credentials every 30-90 days and validating email senders and hyperlinks before clicking and engaging (i.e., opening, forwarding and replying to emails).

Please contact your service providers or email ARC at StopFraud@arccorp.com if you need assistance.

Visit our on-demand webinar page to view the latest fraud awareness videos.