Corporate travel programs should adopt a “no-profile, no-booking” policy to combat fraud, warns a BCD Travel security expert.
The advice follows a U.S. Federal Bureau of Investigation alert that fraudsters are booking flights through travel management companies by posing as their clients’ employees.
“The impostors use real names and titles of clients’ employees they have gathered, for example, from social media sites. In some cases they even manage to have the client reach out to the TMC staff, informing them that shortly a high-ranking officer of the client organization from another region or country will contact them with an urgent booking request,” explained Andreas Decker, Netherlands-based senior vice president of global internal audits at BCD, in a recent Business Travel News article. The article details FBI warning signs of suspicious activity.
Decker told BTN that booking fraud can “in many cases only be avoided if a strong caller validation process is in place which is strictly adhered to. It is therefore recommended to have validated traveler profiles for all employees and apply a ‘no profile, no booking’ policy. If exceptions to the policy are required, a strong caller validation process needs to be in place. Clients should also warn their staff about the deceptive practices of these fraudsters.”