Main IATA navigation

    Email & Website Fraud Protection

    ​All organizations are vulnerable to online fraud. While IATA uses a sophisticated strategy and tools to prevent fraud attacks, fraudsters still find ways to bypass these efforts. To help mitigate fraudulent activities, it is important that IATA stakeholders understand how to identify fraud so it can be reported to IATA's fraud prevention team. Below you will find examples of online fraud and guidance on how to report it.  

    To report fraudulent activities, contact information.security@iata.org.    

    New - massive fraud under way

    We have found out that starting around 22 May, a large number of fraudulent e-mails using the names of IATA officials, including IATA Director General & CEO have been targeting travel agents. Ignore and delete such messages. IATA will never ask for payment by e-mail.


    Latest fraud activity

    Fraudulent e-mails using the following domains have been targeting stakeholders across all regions:

    • finance@iata-bsp.org reply to revenue@iata-payment-online.org

    • account@iata-bsp.org reply to revenue@iata-payment-online.org

    • finance@iata-global.og reply to finance@iata-global.org
    • invoicing@iatacass.org
    • iatacustomercare@iataglobal.org
    • finance@iata-payment-online.org
    • audit@iata.com reply to iata.audit@gmail.com
    • audit@iata.com reply to tayylormatt@gmail.com
    • account@iata.org<account@iata.og> reply to account@iata.org<iatapaymentofficee@gmail.com>

    Do not respond to messages originating  from these domains, delete them and report any further activities to information.security@iata.org 

    Please remain vigilant as well on calls issued by fraudsters (e.g. Lora Gomez)

    Email fraud Website fraud Recognize & report FAQ

    Email is one of the most frequent fraud techniques. Fraudsters posing as IATA often target travel organizations and other industry stakeholders with the intention of extorting money. Read more about fraudulent email techniques with the IATA Fraudulent emails warning (pdf)

    IATA stakeholders have experienced the following types of email fraud:

    • Phishing: emails purporting to be from legitimate organizations asking individuals to reveal confidential information such as passwords and bank details
    • Spoofing: Email addresses disguised as IATA domains (such as accounts@iata.org) to hide sender address

    Recurrent fraudulent email domains

    Below is a list of current scams, please ignore and delete messages from these addresses:

     offices@iata.og account.mgt@iata.com
     iata.payments@accountant.com invoicing@iatacass.com       
      iata.agencymanagement@accountant.com iata.office2017@gmail.com    
    ​​account@iata.com reply to account@iatacollections.comiata22@mail.com
    ​finance@iata-payment-online.org reply to account@iatacollections​account.pmt@iata.org

    ​Report fraud

    To report fraudulent e-mails, fraudulent websites, or if you have any questions relating to fraudulent activities with a reference to IATA, please contact information.security@iata.org

    Need Help?

    Contact us

    Our mission is to represent, lead and serve the airline industry

    Additional information