Skip to main content

Test Home
You & IATA

Search

You are here: Home » Handling and Reporting Fraudulent e-Mails

Fraudulent e-Mails

There are ongoing attempts to obtain payments from users of IATA products and services through fraudulent e-mail messages. On this page you will find resources to help you detect such fraud and report it to us.

Handling and reporting

Tactics used by fraudsters

  • Fraudsters contact IATA customers by e-mail or telephone, seeking payment for products, services, or other outstanding amounts due 
  • Often the fraudster will use names similar or identical to those of IATA officials
  • Fraudsters use e-mail addresses that include the acronym ‘iata’, but come from different domains such as @iatafinances.org
  • The e-mail may appear to come from IATA (such as accounts@iata.org), but the fraudster is using a spoofing technique to hide the true sender address
  • Fraudsters send fake IATA invoices bearing the official IATA logo, and staff names. However, “new” bank account information is provided

What you can do to protect your organization

  • Recognize fraudulent e-mails. Read our Fraudulent e-mails warning (pdf)
  • Always be wary of requests to update bank account information
  • The e-mail addresses below have been used by fraudsters recently. If you receive an e-mail from any of these addresses or domains, please save the e-mail and send it to us as an attachment; or, send us the e-mail header information. Then block the sender. 

 
Fraudulent e-mail addresses and domains:

accounts@iata.org

billing@iata.org        

info_payment@iata.org

and any emails ending with:

@aol.com

@financier.com

@aol.co.uk

@invoices-iata.org

@mieose.net

@iata-accounting.org     

@iata-invoicing.org

@iatainvoicing.org

@iata-a.org

@iata-subscription.org

@iatasecurity.org

@iata-security.org

@iataarevmgt.org

@iataaccounting.org

@iata-update.org

@iatafinancedesk.org

@iata-invoic.org

@ia-t.org

@iata-inquiry-online.org

@iatarevision.org

@iata-napa.com

@collector.org

@gmail.com

@onlineiata.org

@stipendiata.org

@iataacc.org

@iata-billing.org

@iataduepayment.org

@iata-admin.org

@iatagarnish.org

@iatafinancing.org

@iata-finance.net      

@iata-fee.org

@iata-bill.org

@iata-accounts.org

@iata.me

@iataonline.net

@iatancard.com

@iatainvoice.org

@iata-acc.org

@iataduepayments.org

@iatainternational.org

@yahoo.com

@accountant.com

@payment-iata.org

@outlook.com

@iata-team.org

@iataglobal.org

@iataedu.com

@iata-account.org

@iata-inv.org

@iatainvoces.org

@iata-finances.org

@iatabsplink.org

@iata-admin1.org

@iata-desk.org

@iatafi.org

@iataservices.com

@iata-invoice.org

@iata-bills.org

@iata-financedesk.org

@fly-iata.com

@iata-finance.org

  • If you are unsure of whether the e-mail you have received comes from IATA, write to us at information.security@iata.org. Please make sure to attach the full fraudulent message 

April 2014 alert:  IATA Accreditation Certificate e-mails with malware

IATA Information Security advises that there are fraudulent e-mails concerning IATA accreditation certificates being sent to our customers. These e-mails come in various forms, but some contain attachments which if opened, may infect customer computers with malware. We recommend that if you receive such e-mails, do not open or preview any attachments, especially if you use Microsoft Word with your e-mail client.

If you have questions or concerns regarding IATA Certificate e-mails (pdf), please contact us at information.security@iata.org.

 

April 2014 alert:  False requests for donations for MH370 search

Fraudsters are currently engaging in an appalling fraud attempt. E-mails are being sent to IATA partners and customers asking for donations regarding the search for missing flight MH370. These e-mails do not originate from IATA.

If you receive a False MH370 donation e-mail (pdf), or one similar to it, please send it to information.security@iata.org as an attachment, then block the sender and delete the e-mail.

 

April 2014 alert:  AOL e-mails regarding CASSLink login and "new" bank details

Please be aware that fraudsters are currently sending e-mails from AOL accounts stating that IATA customers should review their CASSLink records and revert back for "new" banking details. These e-mails do not originate from IATA.

If you receive an AOL-CASSLink e-mail (pdf) or one similar to it, please send it to information.security@iata.org as an attachment, then block the sender and delete the e-mail.

 

April 2014 alert:  Noreply@iata.org e-mails with Reply-to domain of @iataduepayments.org

Please be aware that fraudsters are now sending e-mails which appear to come from "noreply@iata.org". However, the email address is actually spoofed and the fraudster indicates that their e-mail address is iata@iataduepayments.org or a similar address from the same @iataduepayments.org domain.

If you receive a noreply_iataduepayment e-mail (pdf) or one similar to it, please send it to
 information.security@iata.org as an attachment, then block the sender and delete the e-mail.

 

March 2014 alert:  Fraudulent IATA Payment Stop e-mails & Security Department letters

Fraudsters are sending e-mails to IATA customers indicating that they should stop all IATA payments pending the outcome of an investigation into account irregularities. The e-mails include an attachment which is a fraudulent security letter. IATA has not sent these e-mails or issued the attached warning notices.

If you receive an IATA Payment Stop Order email (pdf), or a fraudulent IATA Security Department letter (pdf), please send it to information.security@iata.org as an attachment, then block the sender and delete the e-mail.

 

Traveler Alert!

Fake Travel Agency Websites

IATA is aware that there are fraudulent online travel and flight booking agencies operating internationally. These websites can appear highly professional and may even display the IATA logo to make their webpages appear legitimate. Because this is a growing concern, we urge you to use only verified agents (Accredited agents/agencies will provide their IATA code if asked and this can be verified online via the Check a Code website or through the IATA Customer Portal). 

Please be cautious of any agent whose website states that they accept credit cards for payment, but then later requests payment via wire transfer. This could be an attempt to obtain your credit card information in addition to a wire transfer payment which you cannot dispute later.

Below are examples of fake travel/flight booking websites. Be mindful of sites that may be similar. If you learn of or suspect an online agency of fraud, please contact information.security@iata.org. Please remember, if an offer seems too good to be true, it probably is.

Contact information 

To report fraudulent e-mails, or if you have any questions relating to fraudulent e-mails, please contact us at information.security@iata.org

Additional information

© International Air Transport Association (IATA) 2014. All rights reserved.