A substantial attack targeted a number of different IATA members and affiliates in January.

By Patrick Appleton

The International Air Transport Association (IATA) has warned stakeholders to be cautious after fraudulent emails impersonating the organization were circulated earlier this month.

IATA reiterated that it does not communicate via Hotmail, Gmail or AOL domains, which were among a number of senders it warns are fraudulent.

The full list includes @gmx.com, @yahoo.com, @hotmail.com, @iname.com, @accountant.com, @gmail.com, @mail.com, @aol.com, @live.com, @usa.com, or @outlook.com.

The trade association for the world’s airlines has called on all stakeholders to remain vigilant against fraud and report any communications from emails that appear disingenuous.

The risks of becoming a fraud victim can be reduced significantly by utilizing an email authentication protocol called “DMARC”

A number of websites and companies have also been found displaying the IATA logo or making reference to the organization as an affiliate without authorization.

IATA was unequivocal in its statement that companies such as CruiseBuilder, Fajri Pratama Logistics and VIP Dac USA “have no affiliation” to the trade association and “are not accredited or otherwise endorsed” by IATA in any capacity.

Other companies listed include Global Alterius Logistics Ltd., Gateway VIP Services and First Priority Logistics Service.

“Unfortunately there is no 100% bulletproof solution,” an IATA spokesperson told Airlines.

“However, the risks of becoming a fraud victim can be reduced significantly by utilizing an email authentication protocol called “DMARC” (Domain-based Message Authentication, Reporting & Conformance), which was implemented in IATA’s email systems in 2017. 

“Any email that is compliant with DMARC will be blocked. This technology will help in preventing spam, spoofing and phishing.”

In addition, those who think they may have been targeted should contact fraud.reporting@iata.org immediately, while communicating with IATA through secured platforms—such as its customer services portal—can protect against fraudulent activity.

For more information on IATA and fraud prevention, visit the following links:

Top