Airline Ticketing Fraud Scam Resurfaces After 7 Years

Image: Be on the lookout for cyber-attacks and phishing scams. (photo via iStock/Getty Images Plus/Melpomenem)
Image: Be on the lookout for cyber-attacks and phishing scams. (photo via iStock/Getty Images Plus/Melpomenem)
Laurie Baratti
by Laurie Baratti
Last updated: 6:16 PM ET, Mon September 27, 2021

Airlines Reporting Corporation (ARC) is cautioning travel advisors that, over the past seven months, an airline ticketing fraud scheme has resurfaced after remaining dormant since 2014.

ARC said that its fraud detectors had identified approximately 80 instances of unauthorized ticketing through mid-September, together representing around $1.2 million in illegal sales.

ARC's manager of fraud investigations, Doug Nass told Travel Weekly that successful unauthorized ticketing attacks typically see the scammers issuing between five and ten airline tickets using an unsuspecting travel advisor's global distribution system (GDS) credentials. He said the average value of those tickets tends to be between $800 and $1,200. The targeted victims have most frequently been small and midsize travel agencies, he said, as well as large ticket consolidators.

To obtain the victim's GDS credentials, the crooks send phishing emails to their travel advisor targets, which claim to be official communications from one of the three major GDSs-Travelport, Amadeus and Sabre. In a webinar earlier this month, ARC presented one example where the fraudsters impersonated Sabre using the subject line "Sabre System Upgrade Notification Letter".

The counterfeit communication read: "Sabre is adding a new level 3 of security at time of signing into the reservations system. All users are required to enter a member login information (sic). Once you are logged in, Sabre will be notified that Sabre Red Workspace has been confirmed." The recipient was then prompted to follow a link (a common phishing tactic) where they would enter their Sabre credentials.

Nass disclosed that the con artists have been masquerading as two of the three major GDSs, thus far; although he wouldn't say which was the second being spoofed besides Sabre. Apparently, ARC hasn't granted him authorization to release that information.

Travel Weekly reported that both Sabre and Travelport declined to offer any comment on the situation, while Amadeus did respond, but didn't directly address the issue. "Since the outbreak of the Covid-19 pandemic, we are seeing a growing number of malicious attempts in the cybersecurity space," the company said. "We are working hand in hand with our customers, guiding them with a set of practical security controls and measures they can easily take during these challenging times."

Nass and ARC's Director of Revenue Integrity, Cornelius Hattingh, agreed that the fraudulent activity appears to be based in West Africa, with tickets being issued for departures from airports in Casablanca, Morocco; Dakar, Senegal; Abidjan, Ivory Coast; and others.

Due to their location, the scammers often succeed in covertly selling tickets using a travel advisor's credentials during what are the overnight hours in the U.S. By the time agents get back to work the next day, those buyers have already boarded their flights, and the travel agency is left holding the bag.

Hattingh said that, in some instances, ARC may work with the victimized agency by attempting to void the fraudulent transactions. "If a person is already flying, we ask the agent to engage with the airline directly for a refund. It becomes a tricky environment," he said.

Nass said travel advisors should exercise increased caution to avoid falling prey to such scams. In particular, he advised that no one should ever click on an emailed link unless it's part of an email they were already expecting. Also, it's important to check the sender's address to be sure it's originating from a known URL.

Phishing emails will often come from an address containing an unfamiliar domain, or one that is misspelled or differs only slightly from the one belonging to the company they're spoofing.

Nass also said that travel agencies should shore up their training and ensure that every employee with access to its GDS credentials is aware of this scheme.


For the latest travel news, updates and deals, subscribe to the daily TravelPulse newsletter.

Topics From This Article to Explore

More From TravelPulse

Related Videos

Laurie Baratti

Laurie Baratti

Assistant Editor

Laurie Baratti is an Assistant Editor for TravelPulse. She is a San Diego-based journalist whose work has previously appeared in publications like TravelAge West, SPACE, Modern Home + Living, Montage, and Sandals Life magazines. Travel writing has long been her passion, and she is always looking for excuses to explore the world outside of her native California. Laurie is also a lifelong equestrian, a proud pet-parent, and an underground advocate of the Oxford comma.

Grow Your Travel Business With Certified Courses

Travel Agent Academy
Travel Agent Academy
Puerto Vallarta Specialist ProgramEnveloped in the beauty of a by-gone time, this colorful town on Mexico’s Pacific Coast is sure to win...
Travel Agent Academy
Travel Agent Academy
Korea Travel Specialist ProgramThis course will allow you to explore this fascinating country's incredible diversity of experiences...
Travel Agent Academy
Travel Agent Academy
Costa Rica Specialist ProgramCosta Rica Specialist Program academy ENROLL NOW Costa Rica offers golden shores, fish-filled waters,...
Travel Agent Academy
Travel Agent Academy
Puerto Vallarta Specialist ProgramEnveloped in the beauty of a by-gone time, this colorful town on Mexico’s Pacific Coast is sure to win...
Travel Agent Academy
Travel Agent Academy
Korea Travel Specialist ProgramThis course will allow you to explore this fascinating country's incredible diversity of experiences...
Travel Agent Academy
Travel Agent Academy
Costa Rica Specialist ProgramCosta Rica Specialist Program academy ENROLL NOW Costa Rica offers golden shores, fish-filled waters,...

Don't Miss These Travel Agent Events and Trainings

Upcoming Webinar
Authentically Mediterranean: Discover Celestyal’s New Western Mediterranean Itineraries & Iconic ClassicsTuesday, July 21, 2026
2:00pm Eastern
The Mediterranean is more than just a destination, it’s our home. Join Celestyal to learn why we are...
Upcoming Webinar
July The Travel Corporation WebinarTuesday, July 21, 2026
2:00pm Eastern
Save your spot for this upcoming webinar! Details coming soon!
Upcoming Webinar
Sani/Ikos Group: Luxury Beachfront Resorts in Greece & SpainTuesday, July 28, 2026
2:00pm Eastern
Join us for an exclusive webinar introducing Sani/Ikos Group, a collection of luxury beachfront...
Upcoming Webinar
Authentically Mediterranean: Discover Celestyal’s New Western Mediterranean Itineraries & Iconic ClassicsTuesday, July 21, 2026
2:00pm Eastern
The Mediterranean is more than just a destination, it’s our home. Join Celestyal to learn why we are...
Upcoming Webinar
July The Travel Corporation WebinarTuesday, July 21, 2026
2:00pm Eastern
Save your spot for this upcoming webinar! Details coming soon!
Upcoming Webinar
Sani/Ikos Group: Luxury Beachfront Resorts in Greece & SpainTuesday, July 28, 2026
2:00pm Eastern
Join us for an exclusive webinar introducing Sani/Ikos Group, a collection of luxury beachfront...