A new report from Forter on the current state of travel fraud in 2017 has revealed that over 50 per cent of travel fraud is tracked to dodgy online travel agents.

The report found that OTA fraud is on the rise, clocking up $1.3 billion in bad bookings, is fast becoming a concern that might make travellers reconsider booking on unfamiliar sites.

“The unfortunate fact is that, for a host of reasons, airlines do generate conspicuously high levels of card fraud,” said Peter Bayley, Executive Director of Risk Management at Visa Europe.

“Online flight tickets are digital – so fraudsters don’t have to worry about shipping details, and can resell easily,” the report stated.

“The tickets are easy to monetise, since consumers look for deals and are accustomed to buying from third parties.

“That means it’s relatively easy for a fraudster to scale their theft. They can resell tickets they’ve successfully stolen already, or sell tickets and then steal to order.”

According to the report some of the ways online travel fraudsters are attacking include:

• Work at scale by acting as an “agent”
• Leverage local knowledge to look genuine
• Scrape your personal and financial data on the dark web and use it to purchase and resell flight tickets
• Know that travelers often book last-minute
• Book tickets in “groups” of diverse nationalities to confuse antifraud

It comes after a spate of negative press for OTAs lately, including one study that blatantly claimed OTAs are “misleading and unreliable”. The study found prices on 235 websites were in fact unreliable – that’s two thirds of the sites checked.

Meanwhile, Aussie agencies have bolstered their own offerings, showing off how they choose to beat OTAs, and MTA MD Roy Merricks insists OTAs and travel agents can, in fact, co-exist in the same environment.

“The term ‘Online Travel Agent’ as a description – for what in reality is a search engine or booking robot – may be misleading in itself,” Merricks told TW.

The Real-Time Challenge of Travel Fraud

According to this Forter report, companies have to block online travel fraud in real-time, without delaying or adding friction for good customers who expect to receive their tickets right away.

It claimed, “Moreover, they have to work with particularly challenging norms: travellers are globally diverse, frequently in situations where billing, shipping (if any) and IP addresses will not match, and often want tickets for flights taking place in the near future.

“Manually reviewing transactions causes delays for good customers and is often not enough for these complex cases. Fraudulent agents often use the details of legitimate individuals making legitimate purchases.

“Those legitimate people don’t know the “agent” is using stolen details. This kind of fraud is very hard for a manual reviewer to spot since almost everything in this story is real.”

In one case study, Forter used the example of backpackers as often being targeted as potential scammers.

A staple for any business connected to international travel, backpackers can often look surprisingly suspicious, the report claimed.

“They tend to travel in groups, and almost by definition have international credit credit cards or payment accounts. Plus, they move across devices freely, using computers in internet cafes or hostels as well as their own smartphones or tablets, and they
often don’t book the next leg of their journey until shortly before they’re ready to take it.”

According to the report, a group of German backpackers in South America, for example, all using the IP of the hostel where they’re staying to book domestic flights for the next stage of their journey, will often get turned away by less accurate systems, especially if they’re careless about passport details (which is often the case with domestic flights).

The report said, “It looks like a single South American fraudster is using stolen foreign payment details to book a number of flights without bothering to change his IP.

“Domestic flights are characteristic of South American fraud attempts and carelessness about passport details can mask the lack of a real passport.”

The report suggests consumers can protect themselves in the following ways:

• Strengthen your credentials: Change your passwords every six months and don’t use the same password for everything
• Stick with the retailers you know: A website with a deal too good to be true- probably is. Stick w/ online travel sites that are established, including Priceline and Expedia
• Check the history of the travel site you’re using: Ensure that you’re not buying from a fly-by-night retailer by checking on the website’s history and traffic