All organizations are vulnerable to online fraud. While IATA uses a sophisticated strategy and tools to prevent fraud attacks, fraud actors still find ways to bypass these efforts.

To help mitigate fraudulent activities, it is important that IATA stakeholders understand how to identify fraud so it can be reported to IATA's fraud prevention team. Below you will find examples of online fraud and guidance on how to report it.

Do not respond to messages originating from these domains, delete them and report any further activities to fraud.reporting@iata.org

Last update: ūü¶Éūü•ß 22 November 2022

 

Latest fraud activity

This is a list of the most common fraudulent emails received by IATA. The list is not exhaustive and may change without warning. If you are unsure whether an email you received is a genuine email sent by IATA, please contact us at fraud.reporting@iata.org .

We appreciate all reports, including emails that are already on this list.

Please note that IATA never communicates via public email domains: @gmail.com, @outlook.com, @hotmail.com, @yahoo.com, @icloud.com, @aol.com, @protonmail.com, @gmx.com, @mail.com, @usa.com, @yandex.com, @mail.ru,  @qq.com, @163.com, @126.com, @sina.com, etc. You should assume that all emails sent from these domains which claim to be from IATA are fraudulent.

 

Warning:

IATA will never send you software by email. If you receive an email claiming to be from IATA that asks you to install software attached to the email such as an update for BSPLink, IATA ONE ID, or similar, please contact us at fraud.reporting@iata.org
Fraudulent domain Fraudulent email accounts
iata-casslink.org payment@iata-casslink.org
cass-portal.com payment@cass-portal.com
casslinks-iata.org payments@casslinks-iata.org
airlines-iata.org account@airlines-iata.org
accounts@airlines-iata.org
siteprotect.com iata@siteprotect.com
inv-iata.org accountant@inv-iata.org
bevaj.com iata@bevaj.com
hbsc.com.sg sandar@hbsc.com.sg
iataairlines.org accounts@iataairlines.org
iata-dues.org payments@iata-dues.org
iata-paymen.com invoice@iata-paymen.com
gmail.com iata81908@gmail.com
iata-office.org payments@iata-office.org
airport-iata.org account@airport-iata.org
citronmail.hu agency.management@citronmail.hu
iata.accounts.payables@citronmail.hu
llata.org
agencymanagement@LLata.org
europe.com IATA.IATA2022@europe.com
aero-gulfaviationservices.com career@aero-gulfaviationservices.com
vccusa.org office@vccusa.org
iata-a.org
ferratec@iata-a.org
iata-dept.com debt-office@iata-dept.com
iatadepts.com
account@iatadepts.com
accounting-iata.com @accounting-iata.com
tvhistp.com doyajoma@tvhistp.com
‚Äči-iata.org account‚Äč@i-iata.org
‚Äčaccountant.com agency_management@accountant.com
agency.management@accountant.com
accounts-payables@accountant.com
agencymanagement2022@accountant.com
agencymanagementt@accountant.com
IATA_Customer_Service@accountant.com
IATA.IATA.ORG@accountant.com
iata_2021@accountant.com
iata@accountant.com
iata_org@accountant.com
iata.org2009‚Äč@accountant.com
iataagent.dr@accountant.com
methdesig.net abqotxqhvvdg@methdesig.net
lpkibqtzrcl@methdesig.net
hostipus.com oszrmltklrlq@hostipus.com
onmicrosoft.com
psf@xvth.onmicrosoft.com
agents-iata.org customer.portal@agents-iata.org
Payments@agents-iata.org
bergstrominc.com Iortiz@bergstrominc.com
cnscc.us cnsaccounting@cnscc.us
europe.com iata@europe.com
eurotour.tur.ar correo@eurotour.tur.ar
graphic-designer.com
Tianaarea17@graphic-designer.com
‚Äčiata-finance.org ‚Äčfinance@iata-finance.org
creditmanager@iata-finance.org
‚Äčiata-org.co @iata-org.co‚Äč
‚Äčiata.email lata@lata.email
iataa.org info@iataa.org
invoice
@iataa.org
‚Äčiato.org ‚Äč‚Äč‚Äčnoreply@iato.org
iota.org noreply@iota.org
‚Äč‚Äčiiata.org ‚Äč‚Äčaccount@iiata.org
ilata.org @ilata.org
iname.com info.iccs@iname.com
inbox.lv iata-1@inbox.lv
animals22@inbox.lv
‚Äč‚Äčinvoice-iata.org ‚Äčaccounts@invoice-iata.org
info.csame@invoice-iata.org
‚Äč‚Äčnepia.com ‚Äčtony.allen@nepia.com
‚Äč‚Äčnetathome.co.ke ‚Äč‚Äčdalex@netathome.co.ke
‚Äč‚Äčoutlook.com bill.invoice1@outlook.com
bill.invoice2@outlook.com
bill.invoice22000@outlook.com
iataagencymanagement@outlook.com
presidency.com hans-logisticss.com@presidency.com
receipts-iata.org payments@receipts-iata.org
voicemessages.us broker@voicemessages.us
flytrs.com info@flytrs.com
bredband.net gerhard.sager@bredband.net
facetohen.ml admin@facetohen.ml

The websites/companies listed below display the IATA logo or make reference to IATA without authorization. These websites/companies are not accredited, affiliated, or otherwise endorsed by IATA. 

  • Fajri Pratama Logistics - fajripratamalogistics.com
  • VIP Dac USA - vipdacusa.com
  • Leca Logistics BV - lecalogisticsbv.com
  • Transway-Animals - transway-animals.net
  • Vikuhelp - vikuhelp.com/travel
  • Flytrs - flytrs.com
  • iata.org.xy2401.com
  • jieranqiche.com/iata

 

Fake travel agent websites

Fraudulent online travel and flight booking agencies operate internationally. These websites can appear highly professional and some may display IATA’s accredited agency logo to appear legitimate. Because this is a growing concern, IATA suggests using only verified agencies.

Verifying the legitimacy of an IATA-accredited agency

IATA accredited agencies have a unique code, which is the best way to verify the legitimacy of a travel agency. Agencies will provide their IATA code if asked. This can be verified online via our email fraud.reporting@iata.org, or through the IATA Customer Portal.

Fake statements from member airlines and strategic partners

Fraudsters often feature false statements on their websites claiming to be IATA accredited, protected or bonded, or claim that they hold membership with IATA. Be aware that when a travel, cargo, or service agency references IATA on their home page, it does not necessarily mean that they are IATA accredited.

To verify the validity of IATA's member airlines and strategic partners we recommend the following:

Recognizing Fraud

Email is one of the most frequent fraud techniques. Fraudsters posing as IATA often target travel organizations and other industry stakeholders with the intention of extorting money. Read more about fraudulent email techniques with the IATA Fraudulent emails warning (pdf)

Types of email fraud:

  • Phishing: emails claiming to be from legitimate organizations asking individuals to reveal confidential information such as passwords and bank details, or take a risky action such as transferring money to a new bank account.
  • Spoofing: Email addresses disguised as IATA domains (such as accounts@iata.org)
  • Puppy scams: IATA does not sell or transport animals. Emails purporting to originate from IATA which offer to sell or deliver puppies or other live animals are fraudulent.

Recognizing fraud

  • IATA never communicates through public email domains: yahoo.com, gmail.com, etc.
  • IATA will never ask you to share confidential information via email, such information should only be shared through the Customer Portal
  • IATA will never ask you to change your bank account via email.
  • Verify our list of current and recurrent email domains used by fraudsters located on the Fraud Activity tab.

Reporting fraud (with reference to IATA)

  • If you receive an email from a fraudulent address, forward it as an attachment to fraud.reporting@iata.org and then delete it

IATA’s genuine email domain addresses

IATA uses several domains when communicating by e-mail. Below is the list of official domains used by IATA

  • iata.org, iatan.org, iata.force.com, cnsc.us

For example:

  • updates.iata.org
  • consulting.iata.org
  • surveys.iata.org
  • ebroadcast.iata.org
  • external.iata.org
  • indp.iata.org
  • iata-pay.iata.org
  • cargo-download.iata.org
  • training.iata.org

For example:

  • updates.cnsc.us

What addresses does IATA use to send emails?

IATA uses many addresses to send emails to its customers. IATA emails typically end in ‘@iata.org.’ Subdomains like ‘@info.iata.org’, ‘@updates.iata.org’ and ‘@bsplink.iata.org’ are also used for different purposes. Please be aware that fraudsters using phishing methods to make an email address appear to end in “@iata.org”, but the reply address will be different. If you are unsure whether an email from IATA is genuine please contact fraud.reporting@iata.org .

I just realized I have paid a fraudulent invoice, what do I do?

  • We advise you to contact your bank and notify them to cancel or recall the payment.
  • We advise you to contact the destination bank and notify them to stop or cancel the payment and freeze the fraudulent account.
  • We advise you to inform your local authorities and raise a complaint at their office or via their website.
  • You can report the fraud to our partner Cybera.io who may be able to help recover the funds.

What can I do to protect myself?

Immediately contact Fraud Reporting when you receive emails/invoices that appear suspicious or fraudulent.

  • Fraudsters often use threatening language in order to get you to pay into their account as soon as possible. They may even call your office and pose as an IATA employee. First check with the Fraud Reporting team to see whether the suspicious email/call you received is valid or not.
  • Distribute the information about fraud tactics around your office
  • You can give our fraud warning to your company’s internal communication to circulate and also let your colleagues know the tactics that are being used by fraudsters. The more people that are made aware of fraudulent attacks, the less susceptible they are to fraudulent attacks
  • Pass information regarding fraud prevention to new employees
  • New employees can easily fall victim to fraudulent attacks because most are unaware of how to identify and deal with them. If you are leaving your current position in your organization, we advise that you pass any information you have to the new employee if possible. If circumstances do not permit, please advise your HR department to inform your replacement about the fraudulent emails and invoices

I received a suspicious email, but it is from an IATA employee, what do I do?

Fraudsters have been known to use the names of real IATA employees in order to make their fraudulent email appear legitimate. Please forward all suspicious emails to fraud.reporting@iata.org

What security measures does IATA have in place to prevent fraud and what do we recommend others implement?

Domain spoofing is the trick of forging an email header so that the message seems to originate from someone or somewhere different from the actual source.

 

DMARC, which stands for Domain-based Message Authentication, Reporting, and Conformance is an email protocol, designed to protect a company's email domain from being used for email spoofing and phishing scams.

IATA has implemented both email authentication components of DMAC: "Sender Policy Framework" (SPF) and "Domain Key Identified Mail" (DKIM).

This allows, email receivers to check if incoming messages have valid SPF and DKIM records and if these align with the sending domain. After these checks a message can be considered as DMARC compliant or DMARC failed.In case of DMARC failure, IATA had defined that the email delivery should be rejected.

For further information about DMARC, please visit https://dmarc.org/.