MONTEREAL: Airline body IATA is warning the travel industry to be on the lookout for fraudulent emails. It said crooks have been contacting users of IATA products and services by email or telephone under false names seeking payment for products or services and/or claiming payments for outstanding amounts due.
Fraudsters use email addresses similar to an IATA email address but using different domain names such as @gmail.com or @iattafinance.org, it said.
Email accounts are often masked so that messages appear to have been sent from a g genuine IATA address with the @iata.org domain name, while their reply-to domain name is different, such as ‘email@example.com’ replies to ‘firstname.lastname@example.org’
Forged documents sometimes display the IATA logo or include links to a fake website, added the organization.
“Users of IATA products and services should always be wary of requests to update bank account information. If you doubt the authenticity of communications purporting to be from IATA, whether those communications request payment or not, please do not respond and notify IATA immediately at email@example.com,” it said.
IATA has updated its guidance document ‘Fraudulent Emails Warning’, which gives different examples of the techniques used by fraudsters and suggestions for organizations to protect themselves from fraud.