United Airlines customer loses $17K after calling official hotline
ILLINOIS, UNITED STATES — A Denver man was defrauded of over $17,000 after calling United Airlines’ official customer service number, a confirmed case that exposes critical vulnerabilities in airline communication security.
The scam, which occurred during a three-hour call, saw the fraudster allegedly use United’s internal systems to legitimize the transaction, leaving the victim with a valid flight booking and a massive fraudulent charge.
Fraudster exploited United’s official systems
Experts theorize the scammer then separately called United Airlines’ legitimate call center, impersonated Dan Smoker, a father from Denver who is the victim, using the personal details provided, and processed the $17,328 booking, which was charged to a third-party company, “AIRLINEFARE,” not United Airlines.
This technique enabled the fraudster to create an authentic flight confirmation within the systems of United, thus making the scam very convincing.
The complexity of the scheme is also evident in the significant deviation in call records, which indicate a 3-hour, 16-minute call to the United official number placed by Smoker.
Yet, the airline records only a single 13-minute call to its number, made a few minutes after Smoker placed the call to the official number, which indicates the use of an intermediary system to commit the fraud.
“When I read that refund email, I spotted red flags almost immediately, like the email didn’t come from a United Airlines email address,” Denver said in an interview with 9News.
Call records reveal major discrepancies
The incident constitutes a massive reputational issue for United Airlines and poses a significant question as to whether communicating with a company via its official communication options would be secure.
United has stated that it is conducting a thorough investigation into the issue. However, it has confirmed to Smoker that the findings of its internal security investigation will not be disclosed to him, a policy regularly followed by companies that often leave victims feeling mistreated, leading the general population to question the reliability of these companies.
For consumers, the case shatters the perceived safety of direct customer service interactions and raises questions about the security of internal airline protocols and employee training against social engineering.
This security breach is not an isolated concern for aviation but a warning for the entire travel industry, where digital reliance is high. Similar scams have recently targeted programs like TSA PreCheck, showing criminals are adept at exploiting travelers’ dependence on hotlines and online systems.
The case underscores an urgent need for companies to not only bolster technical defenses but also to implement more robust customer communication about fraud risks and to ensure their employees are trained to identify and prevent such sophisticated social engineering attempts.
Outsourcing call center operations to prevent fraud
Professional third-party call centers that have strict security and may be more protective than in-house operations with advanced authentication schemes, artificial intelligence-enabled fraud detection, and employee monitoring.
With these providers, you have greater security of sensitive data and credentials, whether a transaction is legitimate or not. Therefore, the risks of insider threats and social engineering attacks are minimized.
By outsourcing, airlines could leverage specialized expertise and technology to protect customers, ensuring consistent security standards and transparent incident responses that preserve trust.
