AFIF
Thursday, 10 January 2013

 
Renewed Fraudulent emails representing IATA

Dear All,
 
It appears that fraudulent emails are once again circulating from those purporting to represent IATA. The most easily recognisable way is to understand that IATA staff only use emails with the iata.org suffix, i.e. xxx@iata.org. However they can be cleverly disguised.

So it is timely to re-issue the advice from IATA as follows:
 
Dear IATA Cargo Agents

It has been brought to our attention that there have been renewed attempts by Fraudsters, sending emails soliciting payments and / or sending invoices on IATA letterhead, to Agents in New Zealand and Australia, asking for manual payments into an overseas bank account.

IATA CASS payments are made by direct debit, please do not respond or reply to any email asking for remittance to a bank account. The more common fraudulent emails are coming from email addresses with xxxx@gmail.com or casslink@iataa.org or paulette.green@iataa.org Note: all IATA employees emails are xxx@iata.org).
 
Please forward to us at cargoau@iata.org any communication you may receive, so that our Fraud Department can follow up accordingly.

Please circulate the below and attached information to your staff where you see fit, especially accounts personnel.
 
Recent attempts by fraudsters have been made to collect money from users of IATA products and services.

Unfortunately even large, sophisticated companies have been victims of such attempts and transferred substantial amounts to bank accounts designated by the fraudsters, after having been fooled by the false correspondence.

IATA is communicating with as many members of the air transport industry as possible to share valuable information on how to detect such fraudulent email attempts in order to help prevent individuals from becoming victims.

As part of our ongoing awareness campaign to protect our industry partners, attached is a document entitled "Warning - Fraudulent Emails" which contains commonly used email fraud techniques, IATA's communication practices, and what you can do to better protect your organization.

Key points include:
  1. The fraudsters contact users under false names, sometimes using similar or identical names as those of IATA officials, seeking payment for products or services and/or claiming payments for outstanding amounts due.
  2. The fraudsters use an email address resembling IATA email addresses but using different host servers such as "gmail".
  3. The fraudsters may also use forged documents bearing the IATA logo or include links in the email to a spoofed (fake) website.
  4. IATA communications will always come from an "iata.org" email address accompanied by a digital signature.
  5. Ensure that your systems allow you to read emails with digital signatures.
  6. An authentic IATA invoice will never request payment into a non-IATA bank account.
  7. Always be wary of requests to update bank account information.
  8. Whenever in doubt as to the authenticity of communications purporting to be from IATA requesting payment, please do not respond to the email and kindly notify IATA immediately at information.security@iata.org
Please take a moment to review this information carefully and share it with colleagues in your company, particularly those that are responsible for settling supplier invoices.
 
Thanks,
IATA Cargo

Stéphane Parrenin
Cargo Service Manager - StB Manager

International Air Transport Association (IATA)
Suite 401, level 4, 83 York Street, Sydney NSW 2000 Australia T 61 2 9249 6812
"flying's a wonderful thing" "we represent, lead and serve the airline industry"
 
 
Please advise all concerned.
 
Thanks,
 
Brian Lovell
Chief Executive Officer
 
Australian Federation of International Forwarders Ltd (AFIF)
Suite 403, Level 3
152 Bunnerong Road
Eastgardens NSW 2036
Tel: (61 2) 9314 3055
Fax: (61 2) 9314 3116