(Bloomberg) — When an actual human being answered an airline customer-service hotline after a single ring, I probably should have known I was being scammed.
At the time, I wasn’t exactly thinking critically. It was three days before Thanksgiving, and my family was about to miss our flight to Berlin, stuck in traffic en route to the airport in Newark, New Jersey. Blame a combination of poor planning, construction on I-95 and five consecutive canceled Ubers.
So when an empathetic-sounding man identified himself as a United Airlines agent named Sheldon and immediately asked for my phone number in case we got disconnected, I felt nothing but an overwhelming sense of relief. Sheldon told me not to worry. He’d get my family to Berlin. “Sheldon, you are an angel,” I said through tears, explaining that my father had died in July and this was to be our family’s first Thanksgiving without him.
Sheldon told me, with what seemed like genuine emotion, that he was terribly sorry for my loss. The good news was he could get us on a Lufthansa flight later that night, going through Munich. All I had to do was cover the price difference between the tickets: $1,415.97 for the three of us. I sighed and gave Sheldon my American Express card number.
That’s when I became the latest victim of what the Federal Trade Commission calls a business-impostor or business-impersonator scam. Like 396,227 other Americans in the first nine months of this year — up 18% from the same period last year — I fell for this increasingly sophisticated deception, in which someone claims to represent a trusted company to extract money and personal data from an unsuspecting victim. Reported losses from business-impostor scams in the US rose 30%, to $835 million, in the first three quarters of 2025, compared with $644 million in the first three quarters of 2024, according to the FTC. A spokesperson said it doesn’t break out data on airline business-imposter scams specifically.
The specific techniques the scammers use vary: Some pose as airlines on social media and respond to consumer complaints. Others use texts or emails claiming to be an airline reporting a delayed or canceled flight to phish for travelers’ data. But the objective is always the same: to hit a stressed out, overwhelmed traveler at their most vulnerable.
A sponsored scam
In my case, the scammer exploited weaknesses in Google’s automated ad-screening system, so that fraudulent sponsored results rose to the top. After I reported the fake “United Airlines” ad to Google, via an online form for consumers, it was taken down. But a few days later, I entered the same search terms and the identical ad featuring the same 1-888 number was back at the top of my results. I reported it again, and it was quickly removed again.
“We have zero tolerance for scam ads and take extensive measures to keep them off our platforms,” a Google spokesperson said in an emailed statement. “If we identify a scam that temporarily evades our detection, we’ll take quick action to suspend the advertiser’s account, as we’ve done here.”
Part of the problem is the explosion of AI tools, which are “supercharging fraud,” says John Breyault, vice president of public policy at the National Consumers League, a consumer-advocacy organization. The technology enables scammers to “do what they’ve always done, but in a more efficient way, at a bigger scale and lower cost.”
He says scammers are using large language models to craft ever-more-convincing phishing texts and emails; seeding the internet with false customer-service numbers that get swept up in AI-driven search results; and building fake websites that look indistinguishable from the real thing. And they excel at doing all this at times of peak stress — when it comes to airline scams, consumers are particularly vulnerable around the holidays.
“Urgency is what the scammers depend on to defraud their victims,” Breyault says. “Nothing feels more urgent than sitting in an airport figuring out what to do so you can be with your family for the holidays.”
When I reached out to United to find out what the airline was doing to combat impostor scams, a spokesperson emailed this statement: “United works diligently to protect our customers from scams and actively investigate areas of potential fraud. We encourage customers to only use customer-service contact information that is listed on our website and app.”
After I shared a screenshot of the fraudulent ad I saw on Google, the United spokesperson wrote that the company refers additional questions to websites posting incorrect information. So I asked Google. A spokesperson there said the company is constantly evolving its tactics “to stay ahead of bad actors.” Of the 5.1 billion ads blocked by the company last year, she said, 415 million were taken down for “scam-related violations.”
Google updated its ads misrepresentation policy in 2024 to include “impersonating or falsely implying affiliation with a public figure, brand or organization to entice users to provide money or information.” Still, many impostor ads slip through the cracks.
In retrospect, my refusal to face reality was my biggest mistake. We were still in traffic, set to arrive at the airport just as United Flight 962 was beginning to board, with three large suitcases to check. We had zero chance of making it.
The replacement of humans with not-always-helpful AI-powered customer-service tools makes it easier for an airline scammer to lure frustrated travelers. That’s what happened to me in the back of the cab when I opened the United app on my phone and began furiously texting, first with a bot, then with an actual representative, who sent me a link for the company’s Agent on Demand service to help passengers in urgent situations.
The link didn’t work. When I tried to text the agent on the app, the connection got lost and I was back to square one, chatting with a bot. Time was running out. Exasperated, I closed the app and typed “United airlines agent on demand” into Google. The top search result on my phone said United.com, had a 1-888 number next to it and said it had had “1M+ visits in past month.” In other words, it looked legit. I tapped the number. That’s when I first connected with Sheldon.
Not a good sign
After paying for the new tickets, I received a confirmation email from an unfamiliar domain. Sheldon was still on the line with me, so I asked him what was going on. Shouldn’t the confirmation come from United.com, not some random site called Travelomile? Sheldon explained that because Lufthansa operated the new flight and the changes were so last-minute, United used the site as its payments-processing partner. This didn’t quite make sense, but I suppose I still wanted to believe in Sheldon.
It wasn’t until he asked me to upload images of my family’s passports to a janky-looking website that my head started to spin. When our cab pulled into the departures zone, I hung up on Sheldon and ran to United’s customer-service counter in tears. I showed the agent behind the counter our “boarding passes.”
“I don’t know what these are, but I will help you,” the agent said. He booked us on the next flight, through Frankfurt, at no extra cost — a holiday miracle.
When we arrived at our gate, I called American Express and contested the charge from Travelomile before canceling my credit card. I then contacted Experian, one of the three major credit bureaus, to put a fraud alert on my file. Next, I filed complaint with the FTC and reported the fake ad to Google. Later, I looked up Travelomile on TrustPilot, an independent customer-review platform, and found 47 one-star ratings out 297 ratings total. Many of those one-star reviews were from people who said they had fallen for a similar scam.
American Express wound up resolving the dispute in my favor. Travelomile did not respond to requests for comment.
We made it to Berlin just in time for Thanksgiving. Sheldon left a couple of messages, saying it was important I call him back regarding my flight reservation, but I decided it was best to avoid further communication with a criminal.
Just when I thought we were out of the woods, the scammer struck again. We were on our way to a friend’s party in Berlin when we got an email from United with the subject line: “Your flight cancellation has been confirmed.”
At first I dismissed it as another attempted scam, one I would not be falling for this time, thank you very much. But when I opened the United app, our reservation had disappeared. This was Sheldon’s parting gift to us, canceling our reservation on the night before we were set to depart. The refund for the cancellation went back to my own credit card.
Once I knew I was going to be writing about this experience, I called Sheldon and left a message requesting comment. He didn’t call me back.
We missed our friend’s party because it took three hours to rebook our flights. We got middle seats all in different rows at higher prices. The memories of this chaotic Thanksgiving will stay with us forever.
Stay on guard when you travel
What consumers can do to protect themselves from travel scammers, according to John Breyault of the National Consumers League:
- Save the airline’s real number in your contacts before traveling.
- If you reach out to the airline, do it through its official app.
- If you’ve been defrauded by an impostor, contact your bank or credit card company immediately.
- File a complaint with Fraud.org, the Federal Trade Commission and/or the Department of Transportation.
- Never share your reservation confirmation code with anybody except those who absolutely need it.
- Set up multifactor authentication on airline accounts to prevent scammers from stealing your rewards points and data or tampering with future reservations.
More stories like this are available on bloomberg.com
©2025 Bloomberg L.P.