
Flight attendants at United Airlines have been told to be on the lookout for fake websites created by cybercriminals and masquerading as legitimate sites in an attempt to steal their employee sign-in credentials.
Once the sign-in credentials have been stolen, the criminals can then use them to access official websites used for employee pay in order to redirect the paychecks of innocent victims into their own accounts.
Flight attendants have been warned that the stolen credentials aren’t just used to steal paychecks but could also be used to empty their Flexible Spending Accounts (FSA) and Health Savings Accounts (HSA), which could run to tens of thousands of dollars.
While online scams are nothing new, Google and other popular search engines have struggled to stop these fraudulent websites from appearing in their search results, in some cases as the top result above the genuine website.
The purpose of the scam is to trick the victim into thinking they are logging into the genuine website, thereby giving over their sign-in credentials.
It might not take long for the victim to realize that the website doesn’t work as they expected, but it’s often just enough time for the criminal to use those login details to sign in to the genuine website and get the paycheck or savings account redirected to their own account.
Another common example of this type of online scam that has been used to target airline passengers repeatedly is fake websites that list a phone number for the airline’s customer support line.
Frustrated passengers who need to get hold of their airline in a hurry can often be duped into clicking on the first phone number they see in the search results, wrongly assuming that Google or Bing would only list genuine phone numbers for their airline.
The person on the other end of the line will sound and act as if they work for the airline but will do everything in their power to obtain the victim’s credit card details.
“While we recognize that company messaging about the importance of protecting data security can become repetitive, it is critically important that each of us recognize the serious nature of these efforts where, if successful, they pose a serious compromise to our personal financial security,” the Association of Flight Attendants (AFA-CWA), which represents crew members at United Airlines, told its members.
“It cannot be stressed strongly enough that cybercriminals use phishing, smishing, and fraudulent calls to gain access to your information. Knowing and accepting the fact that each of us is an intended target by these criminals is the first step in protecting our financial data,” the memo continued.
Internet security firm DigiCert suggests that one of the simplest ways for consumers to spot a fake website is to carefully examine the URL, as cybercriminals will often tweak the spelling of a familiar site name.
If you don’t look carefully and just glance over the URL, your eyes might see the name you’re expecting, but look closer, and there will be subtle differences. In the past, DigiCert says fraudsters have changed the ‘O’ in Amazon.com to a zero so it looks like Amaz0n.com.
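The same URL check can be automated. The Python below is an added example, not code from DigiCert, United or the union: it compares a link's hostname with a short allowlist and flags near-misses such as the Amaz0n.com case. The allowlist entries, the character-swap table and the function names are assumptions made for illustration, and the swap table is a small constructed sample rather than a complete list.

```python
from urllib.parse import urlsplit

# Assumption: hostnames staff are expected to sign in to. "amazon.com" comes
# from the article's example; "payroll.example.com" is a constructed placeholder.
TRUSTED = {"amazon.com", "payroll.example.com"}

# Small constructed sample of digits commonly swapped for look-alike letters.
CONFUSABLE = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s", "7": "t"})

def skeleton(host):
    """Fold look-alike substitutions so 'amaz0n' compares equal to 'amazon'."""
    return host.translate(CONFUSABLE).replace("rn", "m").replace("vv", "w")

def edit_distance(a, b):
    """Levenshtein distance, computed one row at a time."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def classify(url):
    """Return 'trusted', 'lookalike of <name>', 'unknown' or 'invalid'."""
    if "//" not in url:
        url = "//" + url  # let urlsplit parse bare hostnames such as "amzon.com"
    host = (urlsplit(url).hostname or "").lower().rstrip(".")
    if not host:
        return "invalid"
    # Exact match, or a subdomain of an allowlisted name.
    if any(host == t or host.endswith("." + t) for t in TRUSTED):
        return "trusted"
    labels = host.split(".")
    for t in sorted(TRUSTED):
        # Compare the rightmost labels, so "signin.amaz0n.com" is still caught.
        tail = ".".join(labels[-(t.count(".") + 1):])
        if skeleton(tail) == skeleton(t) or edit_distance(tail, t) <= 1:
            return "lookalike of " + t
        # Trusted name used as a prefix of some other registered domain.
        if host.startswith(t + ".") or "." + t + "." in host:
            return "lookalike of " + t
    return "unknown"
```

A result of "unknown" only means the hostname does not resemble an allowlisted name; it is not a statement that the site is safe.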
For United’s flight attendants and employees of other companies, the best way to access sensitive websites is via a link hidden within the internal company website rather than by Googling the specific website you are looking for.
United has already introduced two-factor authentication in a bid to prevent unauthorized access to its internal systems, although the union also cautions that flight attendants shouldn’t blindly authorize a two-factor authentication request they receive on their device.
Mateusz Maszczynski honed his skills as an international flight attendant at the most prominent airline in the Middle East and has been flying ever since... most recently for a well-known European airline. Matt is passionate about the aviation industry and has become an expert in passenger experience and human-centric stories. Always keeping an ear close to the ground, Matt's industry insights, analysis and news coverage are frequently relied upon by some of the biggest names in journalism.