When Expedia launched in 1996, few people believed it would grow into the travel behemoth it is today. The idea of booking cars, hotels and flights online seemed far fetched. In 2017, the company made $12 Billion in revenue.
Expedia’s growth mirrors that of the online travel industry at large. Digital travel sales are booming worldwide, fueled by review sites, e-commerces of travel company websites, and third-party e-commerce acting as ticket brokers and resellers.
But all’s not well in the industry. A growing number of sophisticated attacks and fraudulent attempts on travel companies means the risk teams are busier than ever.
Our guide will help them understand why these online travel fraud attacks happen, and how to fight them.
Breaking Down the Most Common Attack Vectors
The first section in our downloadable guide establishes the lay of the land when it comes to online travel and fraudsters. We’ll break down challenges such as:
- Purchases through fake ID / stolen credit cards: as a recent report claims, stolen credit card information can be sold for as cheaply as $14, it’s no surprise fraudsters use and dispose of them as they please.
- Phishing for account takeover: fraudsters send mass emails designed to spoof those of travel companies. Email links redirect users towards fake websites designed to capture credentials.
- Chargebacks: fraudsters take advantage of card-not-present channels (phone orders, desktop or mobile payments) to purchase digital tickets and claim they were never delivered. This incurs expensive admin and bank fees for the vendor.
Other Forms of Travel-Related Fraud
Our guide also looks at new kinds of travel-related scams, such as:
- Ticket cancellations to win flight credits: the marketing department, whose goal is to attract new customers, often uses promotions delivered via flight credits. Fraudsters book the flights with stolen credit card numbers and reap the rewards. This is very close to bonus abuse, which is rampant in other industries such as iGaming and gambling, for instance.
- Loyalty point fraud: loyalty points, air miles and travel credit are used for travel scams. These are as valuable as real currency when fraudsters can acquire them at minimal cost and resell them for profit.
A Deep Dive into Darknet Marketplaces
The eBay of fraud is a worrying yet fascinating place for anyone interested in risk management. Below are a few of the numbers we discovered when we tried to buy travel tickets on the dark web, and imagined what would happen if we travelled with illegal plane tickets.
- Airline flights sold at 30% of their retail value.
- Hotel bookings sold at 35% of their retail value.
- Fraudulent ticket lifecycle diagram.
- Car rental at 30% of the retail value.
- Tours and activities at 30% of the retail value.
- Login details for major airline operators, hotel booking websites and travel agencies, starting at $0,2 – $1,55 per account.
The second part of our investigation also looks at all the training materials you may find on the dark web, such as carding guide for beginners, and entire ebooks on purchasing travel tickets with stolen credit cards.
Some Concrete Advice on Spotting Suspicious Behaviour
The biggest part of our guide focuses on delivering actionable information on how to spot fraud and fight it at your travel company. Make sure you download the guide to see how:
- Later bookings can increase risk, and what percentage of last-minute purchases turn out to be fraudulent.
- Why geolocation is so important and where you should focus your IP analysis efforts.
- Which journey types should raise suspicion, and where more stringent ID verification steps can go a long way.
- All about passenger demographics and how it relates to potential fraud. Which age group, passenger type and transaction amount should you automatically send into manual review?
- How useful are email profiling and device fingerprinting? As you’ll see based on our proprietary data, it turns out that these anti-fraud tools matter a lot.
For instance, did you know that mobile purchases – the fastest-growing channel for acquiring travel tickets – are actually safer than personal computers, with a 99% chance of legitimacy?
Tools and Techniques you Should Leverage Today
Last but not least, our guide will go over the most important anti-fraud tools and techniques you should deploy to protect your online travel or ticketing company. We’ll take an in-depth look at solutions such as data enrichment, buyer profiling, and when machine learning works – but only if it’s accompanied with training for the right department.
Furthermore, we’ll look at different options such as:
- Custom rules: not something machine learning can do, but the right anti-fraud system should absolutely let your risk team tailor rules to their own needs.
- Whitelisting / Blacklisting: one of the oldest techniques for blocking fraudsters is also surprisingly efficient. See how to do it right and what options your system should offer.
- Flagging suspicious users who have not yet committed any fraud: based on their experience, the best fraud managers should be able to anticipate potential attacks from otherwise unsuspicious users. Just make sure you give them the tools to flag the right data points and behaviour.
- Complete system control: one of the most important points for fraud managers is the ability to leverage automation without rescinding control over the system. A good hybrid solution should allow one without sacrificing the other.
- Integration types: should you go for end-to-end? Or adopt an approach that is closer to multi-layered fraud prevention?
Ready to Reduce Travel Scams Today?
Download our free guide today and get a head-start against the competition. You’ll also be able to future-proof your business against innovative fraud attacks so you can grow with complete peace of mind.
You might also be interested in reading about:
- SEON: Travel Fraud Guide
- SEON: Travel & Ticketing: Software Management Solutions
- SEON: Top Fraud Management Systems
- SEON: Fraud Detection & Prevention: Features, Solutions & Software?
Learn more about:
Data Enrichment | Browser Fingerprinting | Device Fingerprinting | Fraud Detection API | Fraud Detection Machine Learning & AI