Fraud Detection & Prevention PDF
Document Details
Uploaded by Deleted User
Tags
Summary
This document provides an overview of fraud detection and prevention, focusing on the travel industry. It covers different types of fraud, including phishing, spoofing, and phone scams, along with prevention strategies. The document also includes specific examples and best practices to help identify and avoid fraudulent activities.
Full Transcript
CTPI: FRAUD DETECTION & PREVENTION Fraud Detection & Prevention Course Objectives Define what is fraud and its types Identify a fraudster’s behavior Detect the offender and their activities Prevent fraudsters from attacking the travel industry Fraud Detecti...
CTPI: FRAUD DETECTION & PREVENTION Fraud Detection & Prevention Course Objectives Define what is fraud and its types Identify a fraudster’s behavior Detect the offender and their activities Prevent fraudsters from attacking the travel industry Fraud Detection & Prevention /frôd/ o wrongful or criminal deception intended to result in financial or personal gain o a person or thing intended to deceive others, typically by unjustifiably claiming or being credited with accomplishments or qualities Fraud Detection & Prevention TARGETS BUSINESSES GOVERNMENTS INDIVIDUALS Fraud Detection & Prevention TYPES OF FRAUD Internal External Asset misappropriation Bid rigging Corruption Goods/services not provided Reporting Fraud Dishonest customers Fraud Detection & Prevention FRAUD ACTIVITY TYPES PHISHING SPOOFING PHONE SCAM MAN-IN-THE MIDDLE ATTACK IDENTITY THEFT Fraud Detection & Prevention FRAUD ACTIVITY TYPES PHISHING o Fraudster tries to collect information from their targets o Pretends to be an organization or individual you can trust o May be done directly or by using malware/spyware o Incentivizes target to get information o There may be a consequence encouraging you to give info Fraud Detection & Prevention PHISHING Email Sample – How to Spot & Prevent How to Prevent ✓ Do not give out information requested by email ✓ Navigate to the company’s website and contact list to verify email address used ✓ Monitor your accounts ✓ Use malware or spyware protection ✓ Notify the team ✓ Notify the Manila IT Team if the email was sent to your CastoTravel.PH email Fraud Detection & Prevention FRAUD ACTIVITY TYPES SPOOFING o Fraudster get access to your email o Often gains access through a phishing attack o Uses spoofed emails to phish or install malware or spyware o These mails will be easier to spot than other phishing emails Fraud Detection & Prevention SPOOFING Sample – How to Spot & Prevent How to Prevent ✓ Never click an untrusted/unsolicited links from an email ✓ Never give out your email password; Use strong passwords ✓ Watch out for any too good to be true emails ✓ Do not give out your personal information ✓ Ensure you have good anti-virus, malware and spyware protection ✓ Notify the rest of the your team about the email ✓ Notify the Manila IT Team if the email was sent to your CastoTravel.PH email Fraud Detection & Prevention FRAUD ACTIVITY TYPES PHONE SCAMS o Fraudster attempts to get information, access or resources by phone o Impersonates a person to gain your trust o Tries to collect information, access your network or other resources to commit other frauds o Gets you to give them money or gift cards Fraud Detection & Prevention PHONE SCAM Sample – How to Spot & Prevent How to Prevent Hi, Jane! I need a gift certificate for tonight’s travel. Your initial GC sent to my email didn’t ✓ If non-profiled, no booking work. ✓ If profiled, perform extra security verification ✓ Follow your company’s booking and approval process ✓ Ask for ways to identify the person, send the Expired GCs can be email to his work email and let him frustrating in booking an urgent trip. Let me acknowledge send a new one! ✓ Offer a callback and ask for a publicly available details Fraud Detection & Prevention FRAUD ACTIVITY TYPES MAN-IN-THE-MIDDLE ATTACK o A cyber-attack that collects information when transmitted from an unsecure website o Information are personal identifiable such as financial, personal or log in information o Uses information for phishing, spoofing or any types of fraud activities Fraud Detection & Prevention MAN-IN-THE-MIDDLE ATTACK Sample – How to Spot & Prevent How to Prevent ✓ Look for websites that start with https:// (secured website) ✓ Use different passwords for different websites ✓ Watch out for being re-routed from one domain to another Fraud Detection & Prevention FRAUD ACTIVITY TYPES IDENTITY THEFT o One of the ways that your obtained personal information is used o Commonly used for financial and personal gain such as applying for credit, making rentals and purchases o Can be used for any sort of application for the benefit of the fraudster Fraud Detection & Prevention IDENTITY THEFT Sample – How to Spot & Prevent How to Prevent Hi, Jane! I am Don Casto. I need a ticket to Istanbul tonight. Can you book one for me, ✓ If non-profiled, no booking please? ✓ If profiled, perform extra security verification ✓ Follow your company’s booking and approval process ✓ Ask for ways to identify the person, send the email to his work email and let him Of course, Mr. Casto. Business or acknowledge first-class ticket? ✓ Offer a callback and ask for a publicly available details Fraud Detection & Prevention “Travel fraud is escalating at an unprecedented rate. In 2017, fraudulent attacks cost travel intermediaries a whopping USD21 billion.” -Anthony Hynes Managing Director and CEO, eNett International SOURCE: https://www.globalbankingandfinance.com/fighting-fraud-in-the-travel-industry/ Fraud Detection & Prevention TRAVEL INDUSTRY FRAUD: RED FLAGS o Urgent travel – same day or next day o Would prefer to talk to the same agent o Non-profiled o Uses corporate credit cards or cash as form of o Pretends to be one of the officials of the company payment o Uses generic emails instead of corporate emails. o Friendly and accommodating most of the time May request to have other email address removed o Gets in a hurry if asked some questions from the booking. o Registered as anonymous in phone systems or uses o Unusual travel origin and destination, mostly VOIP international Fraud Detection & Prevention PREVENTION o Practice active listening o Control the call o Ask for information, do not provide o Follow the company’s approval or booking policy o No profile no booking o Perform extra security verification (for identity theft) o Report any phishing or spoofing emails to our MNL IT Team o Escalate to supervisors for everyone’s awareness o Do not browse or open any untrusted external links or websites Fraud Detection & Prevention FRAUD ME NOT 1. Miss Luz sent you an urgent email to book a travel for a client using Casto travel funds. She needs it tonight and can't call you since she is heading to a meeting in Quezon City. 2. Your caller lost his credit card. You opted to use his company's credit card instead for personal travel. 3. Your US day team leader called you (afterhours) to book a flight for one of your clients tonight. He said he has the approval letter but cannot send it now due to limited access to work email. 4. Your client claimed that your competitor’s website offers a lower fare and wants you to click and book the flight on the link you’ve never seen. 5. Mrs. Casto called you and asked for Elaine’s date of birth, email address and credit card information. Fraud Detection & Prevention CTPI Policy – Conduct & Behavior Fraud Detection & Prevention CTPI – Questions & Support ❑ Pod Supervisors ❑ Manila IT Team – [email protected] ❑ Training Team – [email protected] ❑ Human Resources – [email protected] Fraud Detection & Prevention QUESTIONS