A new method of online fraud has recently been discovered by cyber security specialists, who noticed numerous situations in which attackers impersonate well-known airlines in order to obtain funds illegally.
Cyber attackers pose as airlines
Cybersecurity specialists have discovered an increase in fraudulent emails in which attackers pose as reputable airlines and airports, such as Schiphol (Amsterdam), Lufthansa, Emirates Airlines, Qatar Airways, Etihad Airways and others, with the aim of tricking the companies into complying with false communications about suppliers or partnerships. The purpose of these scams is to steal funds from the targeted organizations.
Since the beginning of September this year, Kaspersky experts have detected and blocked thousands of such fraudulent emails globally, with the volume of this type of attack increasing significantly compared to previous months.
Example of a fraudulent email sent by attackers
These messages usually claim to be from the procurement departments of major airlines, announcing new projects and looking for suppliers or contractors. After the recipient responds, the attackers send a series of fake documents, such as vendor registration forms or confidentiality agreements, to appear credible. Targeted organizations are then asked to pay a “Mandatory refundable deposit for expression of interest”in the amount of several thousand dollars, allegedly necessary “to secure a priority position in the partnership calendar”, with the promise that the amount will be reimbursed after the signing of the “partnership”.
In the context of these attacks, cyber security experts recommend that organizations:
• Check the sender: Always check the domain and contact details. If in doubt, contact the company directly through official channels.
• Be wary of deposits: Legitimate companies do not ask for upfront payments to sign up as a supplier.
• Analyze documents carefully: watch for any inconsistencies in logos, language or formatting. Subtle errors can signal fakes.
• Train employees: Procurement teams and the finance department should be educated to recognize common fraud tactics.
• Use advanced security solutions: Deploy email protection tools that detect suspicious patterns and block fraudulent emails before they reach your inbox.
• For companies whose name is often exploited by cybercriminals, brand monitoring provides early detection and removal of phishing sites, fake profiles and malicious apps.
