A fraudster is standing by to book you a flight at 50% off

An online travel agency offering 50% off flights on major airlines is doing a booming business as the world re-opens after COVID. There’s just one problem. It’s unclear how the proprietor obtains the plane tickets being sold.

The agency reassures customers that “we don’t use card or stolen points” and boasts it is “a better alternative to stolen Delta gift cards.” When a prospective customer asks: “Are these tickets obtained legally?”, that question is never really answered.

Welcome to the world of “fraud-as-a-service,” where scammers take your order for travel, food delivery or concert tickets, and deliver the goods for a big discount. The travel websites, food-delivery companies and ticket vendors the scammers get them from are paid fraudulently and usually lose that money, experts say.

The San Francisco cybersecurity company Sift has been watching fraud-as-a-service as it boomed during COVID, defrauding food-delivery apps. That scam continues, but travel agency entrepreneurs may take it to another level. And fraud-as-a-service involves consumer participation in a new way.

“He will help book airline tickets and hotel reservations with the use of stolen accounts or stolen payment methods,” says Brittany Allen, a trust and safety architect at Sift. “And that’s an interesting one because he provides a guarantee that the airline ticket will not be canceled. We’re definitely seeing travel and then ticketing and events becoming broader targets for fraudsters as the world reopens.”

Brittany Allen tracks fraudsters as a trust and safety architect at the San Francisco company Sift. (Sift)

Allen’s team of four scours the online world for scammers that Sift, which has its headquarters on Market Street, can then teach machine-learning algorithms to catch. Those computer programs can be taught to look for scams, and protect Sift’s enterprise customers from fraud.

The travel entrepreneur posts that he is “providing the most premium travel channel on the entire Telegram market.” Telegram is an encrypted messaging platform that says it has a half-billion users.

The fact that there is a competitive pop-up market of dubious travel agencies on a mainstream messaging site is one of the important things about fraud-as-a-service: It’s gone mainstream, out in the open where consumers can take part.

“Over the last couple of years, we’ve seen fraudsters come out of the shadows of the dark web to advertise fraud-as-a-service in publicly available forums on messaging apps, like Telegram,” Allen says. “Now anyone with a smartphone can ask a willing cybercriminal to buy them anything from meals to airline tickets for a fraction of their actual costs.”

Sift says the emergence of Telegram as a fraud marketplace has opened the doors to the “fraud curious” – people who want a deal but would not have ventured onto the “dark web,” the shadowy internet that is not indexed by search engines.

“It gives fraudsters who in years past mostly operated on the dark web the ability to kind of come into the light a bit more and communicate with people who aren’t savvy enough to figure out how to download a Tor browser, and would never be able to find the correct onion link to go to a dark web marketplace,” says Allen, describing the entry points to the dark web, which can’t be found via Google.

Telegram, which is based in the Virgin Islands with offices in Dubai, said in a statement that the company “has actively moderated harmful content on its platform — including potential scams.” The company said it has banned millions of accounts and said, “We are working to expand both our Terms of Service and moderation efforts to explicitly restrict and more effectively combat other misuses of the Telegram platform, such as encouraging fraud.”

Telegram’s Terms of Service are 75 words long. Competitor Snapchat’s are 5,000 with a separate 800-word Community Guidelines.

The travel scam follows previous fraud-as-a-service campaigns that placed food orders for consumers, sold them at a discount, and defrauded delivery companies and restaurants.

In those cases, fraudsters posted in Telegram forums, such as “Fraud Market,” advertising food orders at 60-75% off, Sift says. Customers sent the scammers screenshots of their shopping cart from delivery apps, and the scammers bought the food with hacked accounts, pocketing what the consumers paid.

Who are those customers?

“People who are either entry-level into fraud, or are just sort of testing the waters,” says Allen, the Sift fraud expert. “Maybe they don’t feel like this is necessarily fraud. Maybe they don’t understand the full implications of what’s happening.”

The customer who asked if the plane tickets were obtained legally kicked off a conversation that would confirm Allen’s hypothesis.

“We’re not at risk,” one user replied. “We’re just using a travel agent to book for us.”

“I think they’re legal. LOL,” another said.

Leave a Comment

Your email address will not be published.