Every travel agency welcomes new clients, and word of mouth referrals have always been an important tactic for building business. According to Travel Weekly’s 2015 Consumer Trends survey, 37 percent of those who use a travel agent said a friend’s recommendation was the reason for their selection. But while word of mouth has left positive effects on agents’ bottom line, it has also left them exposed to social engineering schemes.
Social engineering is a form of fraud that relies heavily on human interaction, fooling businesses into breaking their normal security procedures. It is one of the greatest threats to travel agencies today, according to Jen Watkins, director of credit card services and fraud prevention at Airlines Reporting Corporation (ARC). As a leading technology solutions company for the U.S.-based travel industry, ARC helps manage revenue lost to fraud through prevention education and investigative support.
Watkins explained, “Today’s online environment offers a wealth of information from which these criminals can pick and choose to set their targets.” Fraudsters commonly provide photo-shopped driver’s licenses, credit cards and passports. Watkins continued, “These criminals will often attempt more than one credit card for various purchases only to result in the real cardholders denying charges as fraudulent and the industry with another chargeback.” According to IATA, card payment fraud is estimated to amount to over one billion dollars a year for the airline industry.
Given these growing threats, ARC stresses the need for agents to be vigilant about validating the identity and legitimacy of customers, as well as other agencies and independent contractors with which they do business.
Trust Your Gut
So how can you tell if a booking is a legitimate transaction? ARC outlines some of the red flag indicators agents should be on the look out for.
1. If a cardholder is not local to your agency or departure airport(s)
2. If a cardholder is not a known client (e.g., your agency typically knows its clientele base and does not advertize through the web or local media for non-local clients)
3. If a cardholder is unwilling to come to the agency with a valid credit card or ID
4. A last-minute ticket request for an immediate departure
5. If a cardholder is purchasing tickets for other passengers
6. When multiple credit cards are used and/or multiple cardholders are listed from the same client
7. When bookings are made for the same day/next day international departures to/from high risk airports, such as ACC, CMN, ABJ, LOS, SDQ, DKR or IST
What should you do next? ARC advises to always request and verify cardholder, passenger and business addresses, phone numbers and more. Simple ways to do your own, quick investigation include:
• Using online reverse directories to verify valid home and business addresses
• Calling all phone numbers provided (If you get voicemail box is full, the phone is never answered or it’s not a working number, consider the ticket request as high risk.)
• Using the ID Checking Guide (idcheckingguide.com) to validate genuine driver licenses
ARC also suggests agents always consult their host agency, if they have one, and/or ARC’s fraud prevention team to validate any suspicion. Agents can visit arccorp.com/fraudprevention to stay up to date on the industry’s most common and recent fraud schemes.
“When your intuition is raised,” said Watkins, “pay attention to the questions that come to mind, determine the risk you want to take in accepting a credit card in a non-face-to-face transaction, and make a decision if the client is really a client you want to service. Always ask yourself: Is it worth the risk?”