The Airlines Reporting Corporation (ARC) has issued a fraud alert to all ARC agencies warning of Internet phishing for PINs and passwords that can lead to ID theft. ARC also urged agents to review their ARC reports daily and to educate employees on database security.
“Internet fraudsters can rip you off,” ARC said. “A particularly popular method is to pose as a legitimate representative of your company. How? By using email and fake websites— mirroring those of your business— and then attempting to obtain sensitive information from your organization’s personnel.
“They want logins, pseudo city codes, PINs, passwords, social security numbers, any and all identity information," ARC warned. "By successfully gaining identity and other sensitive information, these fraudsters may gain access to your ticketing while you are not looking, including after you have authorized your IAR report, after business hours, or on weekends and holidays. What do they want to do? Issue high dollar value e-tickets and stick you with the cost.
“Educate yourself on ID Theft— both personal and business," ARC advises. "The Federal Trade Commission (FTC) has a website dedicated to educating the public on ID Theft. The site provides materials that you can use to educate yourself, your staff, affiliates, outside sales agents and others. Visit their website at www.ftc.gov/bcp/edu/microsites/idtheft for valuable information and materials."
ARC recommends agents review agency IAR reports early each day (including weekends and holidays),and that they pay special attention to any spikes in sales from known or unknown outside sales agents, as well as high risk itineraries (typical example being international departures to and from West African destinations) and high dollar amount tickets.
“If you find unauthorized ticketing, compromised credit cards, or fraudulent driver’s licenses/passports, properly void the ticket as soon as possible through your GDS to receive the ESAC code from the carrier’s e-ticket database," ARC warns. "Remind your employees, affiliates, sub-agents, and outside sales persons that sensitive information such as logins, pseudo city codes, PINS, or passwords should not be disclosed or shared with others.”
Agents with questions or who want to report suspicious activity can contact ARC Field Investigation and Fraud Prevention at [email protected] or 703.816.8137. See also ARC’s Red Flags at www.arccorp.com/news/news_avoid_fraud.html.