Skip to main content Site map

Recent cyber crime – incident reported

News

Stay up to date with the latest from The Air Charter Association and aviation industry news.

Back to news

4th October 2019

Recent cyber crime – incident reported

A broker member of The ACA has informed us of a cyber-hack they recently encountered.

The broker concerned asked a reputable operator – and fellow member of The ACA – for a price for a fairly urgent charter, via email. The operator responded to advise that they were not available, however that email was subsequently intercepted by a hacker at the operator’s end of the chain.

So, instead of the broker receiving the “no availability” message, they were actually sent a “quotation”, copied onto the operator’s own company quote form, using the name of a well-known charter sales representative. However, hidden behind that name was a domain address that, although very similar to that of the operator, upon closer inspection post-incident, included an additional letter. The email even contained the usual signature of the charter sales representative, operator logo, disclaimer and genuine office and mobile telephone numbers.

The price was subsequently accepted by the broker and a contract was requested, which was duly sent containing the aircraft details, registration, route with departure/arrival times plus all the terms and conditions, again on an operator contract form, apparently from their software. The contract also contained pertinent notes and information about the airport specifics and the main body of the email was written professionally, as if from one aviation professional to another.

The broker then received a text message (unbeknown to them at the time sent by the scammer) asking them to confirm receipt of the contract, which the broker duly acknowledged. There were further discussions about the charter via text message and the “operator” (scammer) appeared to be extremely au-fait with industry terminology, using appropriate vocabulary in the correct context, along with other industry specifics. The broker signed the “contract” and returned it via email and was then sent an invoice, which again looked to have been generated by the operator’s automated software and appeared entirely genuine. The only notable difference picked up by the broker – as they were about to pay for the charter – was that the bank account was listed in the United Kingdom, whereas the operator was based in another European country.

The broker then called the main office telephone number of the operator and was informed that the aircraft registration had not been booked for them and was in fact with the owner, booked out for a long-range trip. They could see in the system that the charter sales executive had advised “no availability” a couple of hours earlier. The operator also confirmed they did not have a UK bank account and that the telephone number being used by the scammer for texting was different from their charter sales rep.

Our broker member was extremely lucky and narrowly avoided losing a six-figure sum to the fraudster. However, the alternative aircraft booked to operate the flight was at considerable additional cost.

This is clearly a sophisticated scam, particularly since the perpetrator clearly has reasonable knowledge of industry jargon.

We cannot stress enough how important it is that if you ever receive new banking information from a supplier, you call them in person to verify the details, even if from an existing supplier. Always use a published telephone number you have used before and do not use the number on the invoice.

It is equally important not to take information at face-value, do your research.  Do not sign the contract or release funds, or an aircraft, without being absolutely sure of a legitimate booking and payment.

Do not be afraid to turn away business. Remember; no funds, no flight!