Skip to main content

Test Home
You & IATA

Search

You are here: Home » Current Schemes
  • Print this page
  • Share this page

Current fraudulent e-mail schemes


IATA fake certificate emails.

Information security  has received several reports about a supposed "IATA 2015 certificate" from IATA. These emails are written in Portuguese, the email domain is @iata.adm.br , and show several links that are not coming from iata.org official webpage. We encourage our customers to ignore these emails and do not click the links.


Please observe that these emails are fraudulent and do not originate from a genuine IATA email account.

If you receive this fraudulent email, or one similar to it, please send it to information.security@iata.org as an attachment and then delete the e-mail.

 

IATA pet delivery service alert.

Information security  has received several reports about a supposed "Pet Delivery Service" from IATA. These emails are showing several misspelling errors. The customers are contacted by email and offered to receive a puppy  which will be delivered after the payment has been made. Usually the payment is suggested to be made through a delivery company and not a credit card transference. The emails look professional as the fraudsters mention fees for veterinary services.

Please observe that these emails are fraudulent and do not originate from a genuine IATA email account. In addition, IATA does not delivery pets.

If you receive this fraudulent email, or one similar to it, please send it to information.security@iata.org as an attachment and then delete the e-mail.

February 2015 alert: Fraudulent 'accounts@iatareceipts.org'  e-mails

In early February  2015 IATA has been reported by several customers about new fraudulent e-mail purporting to be from IATA. In the email it is specified that "an update in our vendor account information" has been done, therefore the customer is required to contact the fraudsters as soon as possible for further details.

These e-mails are fraudulent and do not originate from a genuine IATA account. If you receive this fraudulent email, or one similar to it, please send it to information.security@iata.org as an attachment and then delete the e-mail.

January 2015 alert:  Fraudulent 'paymnt@iata.org' e-mails

Since ends of January 2015 IATA customers have reported receiving fraudulent e-mails which affirms that there are some invoices "due for payment" and encourage to contact urgently because of " new vendor account information before your next payment". Please be advised that  IATA does not send e-mails from 'paymnt@iata.org' regarding payments or invoices.

If you receive this fraudulent email, or one similar to it, please send it to information.security@iata.org as an attachment and then delete the e-mail.

 

May 2014 alert: Fraudulent 'noreply@iata.org' e-mails

Fraudulent e-mails which appear to come from the address 'noreply@iata.org' are currently be sent by fraudsters to many IATA partners and customers. These e-mails state that the customer owes for an outstanding invoice and that new vendor account information must be provided before the next payment to IATA. Please be advised that while IATA does send e-mails from 'noreply@iata.org',  we do not send any messages regarding payments or invoices from this address.

Please also be aware that the link of 'http://www.qwe.com' which may appear in the footer of such e-mails should not be clicked. Clicking the link or navigating to the website may install malicious software on the user's computer.

If you receive a fraudulent noreply e-mail (pdf), or one similar to it, please send it to information.security@iata.org as an attachment and then delete the e-mail.

 

May 2014 alert: Fraudulent 'accountant.com' e-mails

Recently, many IATA customers have reported receiving fraudulent e-mails which either come from or have 'reply-to' e-mail addresses ending with the '@accountant.com' domain. There are many different versions of these emails in circulation; however, all are fraudulent.  IATA does not send emails from this domain or associated domains such as 'financier.com' or 'collector.org' .

If you receive a fraudulent accountant.com e-mail(pdf), or one similar to it, please send it to information.security@iata.org as an attachment, then block the sender if it is  'accountant.com' and delete the e-mail.

 

May 2014 alert:  Fraudulent strategic partnership discount offer

IATA Information Security advises that fraudsters are sending fraudulent e-mails offering discounts on early renewal of 2015 membership fees. These e-mails purport to have been sent by IATA Strategic Partnerships, but they are in fact fraudulent e-mails.

If you receive a 2015 membership renewal discount e-mail (pdf), or one similar to it, please send it to information.security@iata.org as an attachment, then block the sender and delete the e-mail.

 

April 2014 alert:  Overdue invoice fraudulent e-mails

A recent fraudulent e-mail scam noted by IATA Information Security is an e-mail indicating that a specific invoice is overdue, resulting in additional fees and possible sanctions against the recipient. These e-mails do not originate from IATA, and may be sent from various, non-IATA domains.

If you receive an Overdue invoice e-mail (pdf), or one similar to it, please send it to information.security@iata.org as an attachment, then block the sender and delete the e-mail.

 

April 2014 alert:  IATA accreditation certificate e-mails with malware

IATA Information Security advises that there are fraudulent e-mails concerning IATA accreditation certificates being sent to our customers. These e-mails come in various forms, but some contain attachments which if opened, may infect customer computers with malware. We recommend that if you receive such e-mails, do not open or preview any attachments, especially if you use Microsoft Word with your e-mail client.

If you have questions or concerns regarding IATA Certificate e-mails (pdf), please contact us at information.security@iata.org.

 

April 2014 alert:  False requests for donations for MH370 search

Fraudsters are currently engaging in an appalling fraud attempt. E-mails are being sent to IATA partners and customers asking for donations regarding the search for missing flight MH370. These e-mails do not originate from IATA.

If you receive a False MH370 donation e-mail (pdf), or one similar to it, please send it to information.security@iata.org as an attachment, then block the sender and delete the e-mail.

 

April 2014 alert:  AOL e-mails regarding CASSLink login and "new" bank details

Please be aware that fraudsters are currently sending e-mails from AOL accounts stating that IATA customers should review their CASSLink records and revert back for "new" banking details. These e-mails do not originate from IATA.

If you receive an AOL-CASSLink e-mail (pdf) or one similar to it, please send it to information.security@iata.org as an attachment, then block the sender and delete the e-mail.

 

April 2014 alert:  Noreply@iata.org e-mails with reply-to domain of @iataduepayments.org

Please be aware that fraudsters are now sending e-mails which appear to come from "noreply@iata.org". However, the email address is actually spoofed and the fraudster indicates that their e-mail address is iata@iataduepayments.org or a similar address from the same @iataduepayments.org domain.

If you receive a noreply_iataduepayment e-mail (pdf) or one similar to it, please send it to information.security@iata.org as an attachment, then delete the e-mail.

 

Contact information

To report fraudulent e-mails, or if you have any questions relating to fraudulent e-mails, please contact us at information.security@iata.org

 

Additional information

ADVERTISEMENT


Additional information

© International Air Transport Association (IATA) 2015. All rights reserved.