Written By: Chad Burt, Co-Owner – OutsideAgents.com
The late 80s saw the introduction of the internet directly to your home. What was once limited to military use, now allowed people all over the world to be connected. The power of that connection can be great, bringing joy and laughter in the form of messages from friends and videos of grumpy cats, but there is also a darker side, too. This high level of connectivity also leaves us vulnerable to fraud and criminal activity.
We have all heard the stories of fraud… sometimes it’s “professionals” sending an email with a too good to be true offer or a thief using someone’s stolen credit card or identity to make a quick buck. However, more and more commonly seen is a less “criminal” but just as harmful form of fraud. It’s a consumer that uses the system to take advantage or a client that’s angry about the weather during a trip and is going to take it out on you.
Hopefully, you never encounter fraud in your professional life, but as it becomes more prevalent, chances are you will. Let’s take a look at some of the most common types of fraud and then some suggestions to prevent it or at least be prepared if it does happen.
Types of Fraud
Fraud is constantly evolving and becoming more sophisticated, but booking travel using stolen credit cards is still a popular classic. Part of this evolution, though, is how easy it is to get lists of stolen identities and credit card info. For very minimal cost and effort, a criminal can get an unlimited supply of identities using nothing more than a Tor browser, an anonymous VPN, and a Hushed phone service. A few things to look for that may alert you of this situation:
- The travel date will probably be very close to the booking date
- The client may offer multiple cards due because the card keeps getting declined
- Flights may not originate in the US and may go to an obscure travel destination
- The card(s) don’t match the traveler’s name.
Important Person or Urgent Matter
This is a longer con, but still part of the stolen credit card fraud game. The fraudster will use a variety of tactics to create a sense of importance/urgency to push you to book travel for them in a hurry. They may present themselves as someone important or coordinating travel for someone important, like an executive, celebrity, etc. An another approach is to try to manipulate your emotions by saying they need to travel quickly because a loved one is sick. These fraudsters may even book a legitimate trip with you to create a sense of security and familiarity. It’s called probing. Don’t let them get one over on you.
Fraud can also come from what seem like legitimate clients. Chargeback fraud, also known as “friendly fraud,” is anything but friendly. Here’s the scenario: You book a trip for your client, charge a plan-to-go fee, or provide other travel related services. Your client will take the trip, then dispute the charge with their credit card company. They claim the trip was never received, or was not delivered as described, with the intent to get their money back. This type of fraud has become more and more common because credit card companies almost always side with their clients and it’s your obligation to prove they’re being dishonest.
This type of fraud comes in multiple forms, but the most common is via email. You receive an email from a stranger or possibly someone claiming to know you through a friend and they promise a great deal or suggest a way to make money fast. Don’t take the take the bait. It’s a common scam involving emails that look like they’re coming from a reputable source you recognize, like a vendor you’ve worked with in the past. The scammers even go so far as to secure a convincing email address, and design the emails exactly like legitimate emails from that company. There may be a link you click on, giving the sender access to your computer, or they may try to get you to provide personal data, such as passwords, social security number, recovery questions, etc.
You may think hacking is the most prevalent form of fraud you’ll encounter, but the truth is, it’s very unlikely you’ll be the victim of true hacking. Hackers are digital burglars, coming for your digital assets, like credit card info, your identity, or even just your social connections. Frankly, if they get just your email address and password, you’re going to have a really bad day. Along the same vein, instead of stealing data to use, hackers are breaking into your computer and holding it captive, demanding a ransom for its release. Generally these types of attacks are reserved for larger targets. However, as your agency grows, you may find yourself a victim if you don’t protect your digital devices.
These are some of the most common forms of fraud. But as technology advances, so does fraud and new ways to deceive and steal are invented every day. So what can you do to protect yourself and your company? There is no way to be 100% protected unless you move to the Yukon and live off the grid. Short of that extreme step, here are some suggestions that will help you minimize your risk and have you prepared should you become a victim.
Ways to Protect Yourself
Your First Line of Defense
Protect your computer and use common sense. A few simple to implement tools and concepts can make you much less vulnerable and encourage criminals to move on to easier targets.
- Antivirus software: This is the most important and easiest thing you can do. Make sure to use a reputable antivirus program, and keep it updated regularly. Also update your computer operating system (OS) when prompted, as your OS will provide patches for security vulnerabilities.
- Emails: Make sure if you receive email attachments you have antivirus software that scans these attachments before you open them, regardless of the sender. Use a service like hpHosts to check if links are safe to click. Heck, just hover over the link in your email, without clicking, and you should be able to readily identify suspicious links using nothing more that common sense.
- Passwords: Finally, use complex passwords, and a different one for each site. The days of using your dog’s name with an explanation point are over. Use a password generator to create your passwords and then store them a password manager like StickyPassword or LastPass for easy access.
Treat every client like they’re new.
Whether you’re booking a new client or the fourth river cruise for a returning client, from the perspective of paperwork, treat each one like they’re new.
- Identification: Each time you book a trip, make sure you look at a form of identification, and verify its legitimacy (Learn how to spot a fake id here: https://m.wikihow.com/Spot-a-Fake-I.D.)
- Communication: Make sure to save a record (emails and texts) of every conversation you have with the client, and have the client send written approval for any changes.
- Payment: A credit card authorization form and written approval for each approved charge is a must. A simple email trail showing they approved the charge coupled with a signed authorization form is a powerful tool when fighting fraudulent chargebacks.
Don’t be afraid to say no.
When it comes to combating fraud, trust your gut. If something feels off with a client or a request, dig deeper, ask questions and be cautious. Don’t be so desperate to make a sale that you ignore the warning signs. In your rush to close the deal, you could end up costing yourself much more than the commission would have paid. It’s okay to say “no thanks” to a new client or a suspicious booking to protect your agency.
What to Do if You Become a Victim
With so much fraud in today’s marketplace, odds are it will eventually show its ugly face, even when you try your best to stay safe. First and most important…don’t panic, then follow a few simple steps to help you recover.
- Report the crime. Phishing scams should be reported to the Federal Trade Commission (FTC) through this submission page (www.ftccomplaintassistant.gov/#crnt). Viruses or other types of hacking should be reported to the Internet Crime Complaint Center (www.ic3.gov/default.aspx). Be prepared to provide proof in the form of copies of emails, screen shots of communications through social media or documentation of related to the virus or hacking.
- Secure your computer. If you discover or suspect a computer virus take immediate steps to clean your computer using your antivirus on a full scan and a cleaning software like Ccleaner from piriform.com. If a password has been stolen or guessed, change it. Use a password generator to create a new, stronger password using at least 10 random numbers and letters. Including special characters makes it even more secure.
- Use the legal system. With chargeback fraud where the client is abusing the dispute process, if the client resides in the same state as you, your best bet is to take them to small claims court. If you are dead right, small claims court allows you to potentially recoup your money via the legal system or at the very least make the person more willing to work with you to come up with a solution. Certainly, making the casual fraudster appear in court sends a message and it may make them less likely to try it again. You will want to send a demand letter to the fraudster prior to filing with the courts, because it shows the judge you made an attempt to settle the dispute prior to showing up in court.
- Recover your losses. And finally, talk to your accountant about reporting the fraud as loss on your taxes. In many cases you will not be able to recover the financial loss directly, but reporting it as loss on your taxes can take a little of the sting out of the situation.
As small business owners and travel agents, we all have targets on our backs. Fraud is part of our industry, so be careful and put safeguards in place. Be smart and use common sense when working with clients and managing your business. And then, book yourself a vacation…you’ve earned it!