If you want to fight fraudsters, you have to think like one. Today, we’ll see what they look for when buying travel tickets in order to resell them.
As we’ve previously covered, the travel industry is increasingly hit by criminals who use stolen credit card numbers and account takeover to purchase tickets. Whether it’s for airplanes or hotel bookings, the concept is the same.
How fraudsters buy their tickets
Assuming they are armed with a number of stolen credit card numbers, the first step fraudsters will take is to look at where to buy the tickets. Because small travel agencies are less likely to have a strong security solution in place, fraudsters favour them over larger companies.
“Because small travel agencies are less likely to have a strong security solution in place, fraudsters favour them over larger companies.”
Here are some of the operational security solutions they can easily bypass:
- Email address: very easy for fraudsters to use disposable email addresses
- Phone calls: they rely on VOIP (voice over IP) to speak to operators in person
- Geolocation: VPNs can fake an IP address to the desired location
- Account information: they have tons of resources on creating disposable info in order to avoid static data
In terms of the methods employed, fraudsters have a number of details ready to buy the tickets from multiple accounts (in case one or a few of them fail to go through). By targeting the same timeframe or hotel with numerous accounts, they increase their chances of succeeding.
Another interesting tidbit: fraudsters prefer buying over the phone, as it leaves no data footprint as to who the caller is.
What can be done to mitigate risk?
Understanding the points above can go a long way in stopping tickets from being bought for resale. For instance, historically, fraudsters would favour buying last minute tickets. In fact, one airline estimated that 80% of tickets bought with stolen credit cards were purchased within 24 hour of the departure time.
It is the kind of knowledge that helped fraud-prevention solution become more targeted. Which is why, during our research on buying tickets on the darknet, we found that some sellers refused to offer last minute tickets – they knew the risk of getting caught was too high.
As you can imagine, staying on top of the latest fraud techniques and trends will give your travel company a serious advantage. But there are also a number of tools and actions you can implement to fight fraud:
- Data enrichment: avoiding data silos and getting a better picture of who your buyers are is primordial in fighting fraudsters
- Buyer profiling: similarly, getting as much info about your buyers and the transaction is key
- Combining machine learning with human intelligence: we’ve written a whole post on the subject and how it helps create more efficient manual reviews.
- Highly trained prevention team: spotting, flagging, and understanding fraud must come from everyone in order to be more effective.
As we’ve seen when buying darknet plane tickets ourselves, the offer is definitely there. Which means the demand fuels supply – and fraudsters can get away with a lot while you risk getting caught, and possibly detained.
And sadly, the techniques fraudsters use to buy travel tickets also work for car hire, hotels and accomodation. No vertical is really safe from stolen credit cards – unless they understand the risks, best tools to employ, and know where to focus their fraud prevention efforts.