Fraud Detection & Prevention.pdf

Full Transcript

CTPI: FRAUD DETECTION & PREVENTION
Fraud Detection & Prevention

Course Objectives

Define what is fraud and its types

Identify a fraudster’s behavior

Detect the offender and their activities

Prevent fraudsters from attacking the travel industry
Fraud Detection & Prevention

/frôd/
o wrongful or criminal deception intended to result in financial or personal gain

o a person or thing intended to deceive others, typically by unjustifiably claiming or being
credited with accomplishments or qualities
Fraud Detection & Prevention

TARGETS

BUSINESSES GOVERNMENTS INDIVIDUALS
Fraud Detection & Prevention

TYPES OF FRAUD

Internal External
Asset misappropriation Bid rigging
Corruption Goods/services not provided
Reporting Fraud Dishonest customers
Fraud Detection & Prevention

FRAUD ACTIVITY TYPES

PHISHING SPOOFING PHONE SCAM

MAN-IN-THE MIDDLE ATTACK IDENTITY THEFT
Fraud Detection & Prevention

FRAUD ACTIVITY TYPES

PHISHING

o Fraudster tries to collect information from their targets
o Pretends to be an organization or individual you can trust
o May be done directly or by using malware/spyware
o Incentivizes target to get information
o There may be a consequence encouraging you to give info
Fraud Detection & Prevention

PHISHING Email Sample – How to Spot & Prevent

How to Prevent

✓ Do not give out information requested by email
✓ Navigate to the company’s website and contact list to verify email address used
✓ Monitor your accounts
✓ Use malware or spyware protection
✓ Notify the team
✓ Notify the Manila IT Team if the email was sent to your CastoTravel.PH email
Fraud Detection & Prevention

FRAUD ACTIVITY TYPES

SPOOFING

o Fraudster get access to your email
o Often gains access through a phishing attack
o Uses spoofed emails to phish or install malware or spyware
o These mails will be easier to spot than other phishing
emails
Fraud Detection & Prevention

SPOOFING Sample – How to Spot & Prevent

How to Prevent

✓ Never click an untrusted/unsolicited links from an email
✓ Never give out your email password; Use strong passwords
✓ Watch out for any too good to be true emails
✓ Do not give out your personal information
✓ Ensure you have good anti-virus, malware and spyware protection
✓ Notify the rest of the your team about the email
✓ Notify the Manila IT Team if the email was sent to your CastoTravel.PH email
Fraud Detection & Prevention

FRAUD ACTIVITY TYPES

PHONE SCAMS

o Fraudster attempts to get information, access or resources
by phone
o Impersonates a person to gain your trust
o Tries to collect information, access your network or other
resources to commit other frauds
o Gets you to give them money or gift cards
Fraud Detection & Prevention

PHONE SCAM Sample – How to Spot & Prevent

How to Prevent
Hi, Jane! I need a gift
certificate for tonight’s
travel. Your initial GC
sent to my email didn’t
✓ If non-profiled, no booking
work.
✓ If profiled, perform extra security verification
✓ Follow your company’s booking and approval
process
✓ Ask for ways to identify the person, send the
Expired GCs can be email to his work email and let him
frustrating in booking
an urgent trip. Let me acknowledge
send a new one!
✓ Offer a callback and ask for a publicly available
details
Fraud Detection & Prevention

FRAUD ACTIVITY TYPES

MAN-IN-THE-MIDDLE ATTACK

o A cyber-attack that collects information when transmitted
from an unsecure website
o Information are personal identifiable such as financial,
personal or log in information
o Uses information for phishing, spoofing or any types of
fraud activities
Fraud Detection & Prevention

MAN-IN-THE-MIDDLE ATTACK Sample – How to Spot & Prevent

How to Prevent

✓ Look for websites that start with https://
(secured website)

✓ Use different passwords for different websites

✓ Watch out for being re-routed from one domain
to another
Fraud Detection & Prevention

FRAUD ACTIVITY TYPES

IDENTITY THEFT

o One of the ways that your obtained personal information is
used
o Commonly used for financial and personal gain such as
applying for credit, making rentals and purchases
o Can be used for any sort of application for the benefit of
the fraudster
Fraud Detection & Prevention

IDENTITY THEFT Sample – How to Spot & Prevent

How to Prevent
Hi, Jane! I am Don
Casto. I need a ticket to
Istanbul tonight. Can
you book one for me, ✓ If non-profiled, no booking
please?
✓ If profiled, perform extra security verification
✓ Follow your company’s booking and approval
process
✓ Ask for ways to identify the person, send the
email to his work email and let him
Of course, Mr.
Casto. Business or acknowledge
first-class ticket?
✓ Offer a callback and ask for a publicly available
details
Fraud Detection & Prevention

“Travel fraud is escalating at an unprecedented rate. In 2017, fraudulent attacks cost
travel intermediaries a whopping USD21 billion.”

-Anthony Hynes
Managing Director and CEO, eNett International

SOURCE: https://www.globalbankingandfinance.com/fighting-fraud-in-the-travel-industry/
Fraud Detection & Prevention

TRAVEL INDUSTRY FRAUD: RED FLAGS
o Urgent travel – same day or next day o Would prefer to talk to the same agent
o Non-profiled o Uses corporate credit cards or cash as form of
o Pretends to be one of the officials of the company payment
o Uses generic emails instead of corporate emails. o Friendly and accommodating most of the time
May request to have other email address removed o Gets in a hurry if asked some questions
from the booking. o Registered as anonymous in phone systems or uses
o Unusual travel origin and destination, mostly VOIP
international
Fraud Detection & Prevention

PREVENTION
o Practice active listening
o Control the call
o Ask for information, do not provide
o Follow the company’s approval or booking policy
o No profile no booking
o Perform extra security verification (for identity theft)
o Report any phishing or spoofing emails to our MNL IT Team
o Escalate to supervisors for everyone’s awareness
o Do not browse or open any untrusted external links or websites
Fraud Detection & Prevention

FRAUD ME NOT

1. Miss Luz sent you an urgent email to book a travel for a client using Casto travel funds. She needs it tonight and
can't call you since she is heading to a meeting in Quezon City.

2. Your caller lost his credit card. You opted to use his company's credit card instead for personal travel.

3. Your US day team leader called you (afterhours) to book a flight for one of your clients tonight. He said he has
the approval letter but cannot send it now due to limited access to work email.

4. Your client claimed that your competitor’s website offers a lower fare and wants you to click and book the
flight on the link you’ve never seen.

5. Mrs. Casto called you and asked for Elaine’s date of birth, email address and credit card information.
Fraud Detection & Prevention

CTPI Policy – Conduct & Behavior
Fraud Detection & Prevention

CTPI – Questions & Support

❑ Pod Supervisors
❑ Manila IT Team – [email protected]
❑ Training Team – [email protected]
❑ Human Resources – [email protected]
Fraud Detection & Prevention

QUESTIONS