Where Did My eCert
Go?
As I write this, I can’t help but think about my passwords. I have many, and I’m sure you do too. I am wondering if we realize where the passwords linked to our accounts might end up? The following fraud case is not huge by many of the multi-million-dollar fraud cases we normally see the FBI pursuing, nevertheless it is troubling when we realize where it could lead.
Vega International Travel Services, Inc.
Vega International Travel Services, Inc. is a small, full-service travel agency located in Chicago, Illinois. The managing partner of Vega is Gennady Podolsky, who is a dual Ukrainian and American citizen. He has just pled guilty to the crime of trafficking in computer passwords. It is much more serious than it seems on face value.
Gennady’s clientele is mostly foreign, and so a lot of Vega Travel’s clientele lived in Eastern Europe and felt comfortable booking through the agency as he is fluent and his pricing was fair. However, he saw a golden opportunity through those who trusted him. The opportunity came in the form of bonus miles.
He “innocently” asked for their Delta account passwords. The clients didn’t think much of it. The clients mostly flew on Delta Air Lines and they had Delta “SkyBonus” accounts. SkyBonus (mileage accumulation) awards can be used for the purchase of free or eCert tickets. eCert tickets, of course, have value. They can be used to buy travel, are transferrable and can be re-sold in under the table deals.
To cash-in an eCert, all the awarded flyer needs to do is enter their eCert number and select a flight. In order to access accounts, a password is needed.
This is where Gennady realized that he has the makings of real money but first, he needed to put together a phony organization. He created a fake company, “RGI International.”
He used the company as a “funnel” to collect SkyBonus points. Vega also used people to create aliases in order to communicate with Delta. They transferred the passwords for RGI International’s SkyBonus “employee” accounts to Vega Travel. As those booking tickets were thought of as working for RGI International, Vega accumulated a large number of eCert tickets.
In short, Vega International Travel Services accrued millions of miles of free tickets, duped Delta and many customers, and could then re-sell those tickets at a real profit. This kind of practice, of course, is highly illegal and unethical and cuts into the profitability of any airline.
The FBI was called into the case and Gennady was arrested. He is awaiting sentencing in January 2021 and must pay Delta a restitution of $1 million for lost revenues.
The Need for Greed
Fraudsters are driven to greed when the lack of oversite in a situation allows them to see possibilities those of us with an ethical compass cannot imagine. Gennady saw his clientele as a group of naïve, unsophisticated rubes who lacked the savvy to understand the booking and billing system. As none of the insiders at Vega saw the possibility of enforcement of their scam, they gave themselves a green light to steal passwords, create a fictitious company and have people lie to the airline. It worked, at least for a while.
There was most probably little in the way of rationalization, save for the thought that neither their clientele nor Delta Airlines would miss the miles and the eCert tickets. They did not connect the dots to understand (or care) that they were stealing.
There is an irony in all of this, in that the travel business always points to its ethical responsibilities. The message doesn’t always get out nor is it always reinforced. I know this from my own experience once dealing with a travel firm that was unethical.
I can’t help but wonder how current the industry’s “ethical screens” are for stopping activities such as password theft. Will this type of activity change how passwords are shared? Or will the industry device an extra layer of security or eliminate the old password system altogether?
Perhaps we are all just a bit too careless and trusting.
LEAVE YOUR COMMENT BELOW!
