Connect with us

Hi, what are you looking for?


Fraud & Identity Theft

Law Enforcement Cracks Down on Airline Fraud

Global law enforcement agencies have been sharing intelligence to crack down on airline ticket fraud, and appear to be taking action roughly every six months to make arrests. In June 2015, 130 individuals “found in possession of airline tickets bought using stolen credit card details” were detained.

Global law enforcement agencies have been sharing intelligence to crack down on airline ticket fraud, and appear to be taking action roughly every six months to make arrests. In June 2015, 130 individuals “found in possession of airline tickets bought using stolen credit card details” were detained. In November 2015, “133 individuals were detained under suspicion of fraud.” Now Europol has announced that “140 people were detained, denied boarding and questioned by police.”

There are different types of airline fraud, all usually involving stolen credit card details. In one example, stolen card details are used to purchase airline tickets online. These are canceled in order to obtain a flight credit and confirmation number.

The credits are then sold at a discounted price on Craigslist or Ebay, and the money transferred via something like Western Union into an untraceable account. The victim subsequently seeks to redeem the funds on presentation of the confirmation number – but is told the original purchase was via a stolen credit card.

The recent international actions, always involving Europol, Interpol and Ameripol seeks to detain actual users of fraudulent airline tickets. Cooperation between the international agencies, airport hubs and local police allows suspects to be detained prior to boarding the aircraft.

While the travel industry is grateful for the recovery of funds (“I cannot stress enough the importance of preventing and recovering fraud related losses for our members,” said Aleks Popovich, SVP at IATA), it is more than just money to the law enforcement agencies. Rob Wainwright, director of Europol, linked the action to a wider action around the Euro 2016 soccer finals in France. “A festive event such as this also grabs the attention of cybercriminals who will be seeking opportunities to exploit it, targeting innocent consumers by stealing their credit card details and costing the airline industry significant amounts of money.”

Interpol Secretary General Jürgen Stock raises the stakes even higher. “This type of fraud not only targets innocent consumers by stealing their payment card details, but also poses significant risks to global security by allowing criminals and terrorists to travel under the radar,” he said. “Only through coordinated interventions such as the Airport Action Days can we track down the organized criminal networks behind this large-scale fraud and detaining the criminals involved before they have the chance to commit other crimes.”

This might, however, be a little overstated. “For criminals and terrorists to use fraudulently-obtained tickets, they need to have other documentation too,” explains ESET senior research fellow David Harley. “In fact, documents such as passports obtained via identity theft might be ‘safer’ for the criminal than tickets obtained fraudulently, since they may not be monitored as closely as credit card transactions. Where the fraud is detected fairly early on,” he continued, “the ticket may assist in picking up criminals – as may have happened here. Where the criminal doesn’t use the ticket himself but sells it on to another innocent victim, it’s a safer fraud to execute, since the scammer is able to divert the payment via a service such as Western Union which allows untraceable accounts.”

Advertisement. Scroll to continue reading.

What we don’t yet know is how many of the 140 detained passengers are victims of fraud and how many are perpetrators of fraud. Some may be ‘innocent’ purchasers of discounted fraudulent tickets; but others might be seeking to ‘fly under the radar’ for other reasons. With the ongoing soccer festival and France’s recent history of terrorist attacks, it is little wonder that law enforcement agencies are monitoring airline fraud particularly closely at this time. But it will be interesting to see how many of those 140 detains turn into actual arrests.

Written By

Kevin Townsend is a Senior Contributor at SecurityWeek. He has been writing about high tech issues since before the birth of Microsoft. For the last 15 years he has specialized in information security; and has had many thousands of articles published in dozens of different magazines – from The Times and the Financial Times to current and long-gone computer magazines.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence.


Securityweek’s CISO Forum will address issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.


Expert Insights

Related Content

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...

Application Security

Virtualization technology giant VMware on Tuesday shipped urgent updates to fix a trio of security problems in multiple software products, including a virtual machine...

Application Security

Password management firm LastPass says the hackers behind an August data breach stole a massive stash of customer data, including password vault data that...


A digital ad fraud scheme dubbed "VastFlux" spoofed over 1,700 apps and peaked at 12 billion ad requests per day before being shut down.


Pig Butchering, also known as Sha Zhu Pan and CryptoRom, is an ugly name for an ugly scam.

Application Security

After skipping last month, Adobe returned to its scheduled Patch Tuesday cadence with the release of fixes for at least 38 vulnerabilities in multiple...


Spanish and US authorities have dismantled a cybercrime ring that defrauded victims of more than $5.3 million.

Application Security

Software maker Adobe has rolled out its first batch of security patches for 2023 with fixes for at least 29 security vulnerabilities in a...