Travel agents are increasingly being targeted by phishing scams that imitate GDS interfaces to steal agent credentials.
“Unfortunately, it is becoming more common that our customers or employees receive phishing e-mails being sent by fraudsters,” Amadeus told Travel News. “The e-mail contains either a link or an attachment. Do not click on them as this will install or run malware.”
How phishing scams work
Phishing, a variation of the word ‘fishing’ uses convincing bait to catch its victim. Phishing emails copy the look and feel of trusted companies to lure the recipient to click on links to a fraudulent website that contains malware.
“Malware is malicious software specifically designed to disrupt, damage or gain unauthorised access to a computer system,” explained Amadeus. This software is installed without the user being aware of it and once installed, the fraudster can access the user’s actions through spyware or gain access to the computer remotely using a Remote Access Trojan (RAT).
For scams that imitate GDS pages, the fraudster is aiming to gain the ability to issue unauthorised tickets or steal data. The scammer may also use spyware to collect the credentials for all applications used by the agent, from the GDS to e-mail and bank accounts.
A spokesperson from Travelport explained that it was a common occurrence in all industries. “Cyber criminals are employing various deceptive tactics to trick consumers and employees at businesses of all sizes, in every industry, into revealing their usernames, passwords, and other sensitive information in order to compromise online accounts. For travel counsellors, agents and any professional working in the travel industry, it is important to remain vigilant and cautious when handling sensitive information online.”
How to avoid being caught out by phishing
Travelport encourages all its customers to avoid sharing their credentials with anyone or clicking suspicious links on e-mails.
“There are anti-virus solutions which claim to filter phishing emails or block the opening of phishing websites, but these solutions cannot guarantee 100% protection even when using the latest version,” said Amadeus.
Amadeus gave Travel News a few tips to identify phishing scams. According to the company, travel agents should investigate a sender’s email address and check for subtle typos or unknown addresses that don’t match the context of the email.
These emails may have an impersonal salutation or no salutation at all and the contents of the email may contain spelling mistakes but, Amadeus warned, this is becoming less common as fraudsters learn from their mistakes.
The emails often contain a sense of urgency. For example, ‘click here or your account will be disabled in 24 hours’ or request sensitive data such as passwords. “Question whether this information has any valid reason to be requested and exchanged via e-mail,” said Amadeus.
Contents may contain references to recent news to motivate agents to react or imitate regular emails sent out by companies such as Amadeus.
“Amadeus has monitoring systems in place and will alert its partners when we are aware that our customers are being targeted with phishing activity claiming to be Amadeus,” the company said.
Amadeus encourages all agents who receive suspicious emails to report these incidents to the Amadeus help desk. In urgent cases when a computer has been infected by malware, agents should contact the Amadeus help desk as soon as possible for support and disconnect the computer from the network immediately.
