Leave a comment

Hackers targeting your frequent flyer miles

Hackers targeting your frequent flyer miles

There isn't a much scarier thought than having your personal or banking information stolen. It doesn't even feel safe to go to the grocery store anymore with all of the data breaches that have been discovered recently.

Keeping your credit card details safe is getting harder and harder. Cybercriminals are trying to steal your information no matter where you use your card. In the last year, we've seen attacks on restaurants, retail stores, hotels and even hospitals.

With that in mind, banks made the move to EMV (Europay, MasterCard, and Visa) cards, a.k.a chip-equipped cards. EMV chips are intended to make it a lot tougher for criminals to steal your information, and to exploit retailers' payment systems.

Stronger banking security has led cybercriminals to look for victims in unconventional places. A recent "Wall Street Journal" article says that thieves are now targeting your frequent-flyer miles. We checked into it and it turns out to be true, this is really happening.

Stolen frequent-flyer miles

When I think of cybercrime, stolen airline miles isn't the first thing that comes to mind. However, as we become more aware of traditional digital threats and strengthen our security, thieves are looking for less secure places to steal from. Hence the world of stolen frequent-flyer miles.

The worst incidents were reported last year when frequent-flyer miles were stolen from customers of American and United Airlines. Only about three dozen accounts with United had miles stolen. American Airlines wasn't as lucky, as nearly 10,000 customer accounts were compromised.

The cybercriminals didn't actually breach the airlines' databases or servers. They were able to steal credentials from other sites and found those account holders were using the same passwords for their mileage accounts.

Thieves who got their hands on these miles were able to use them to book vacations, car rentals and other mileage transactions. Both American and United Airlines said they would restore the stolen miles to affected accounts.

In response to these types of attacks, United Airlines changed its security practices. It used to have customers use a four-digit PIN instead of a password to log in. They changed to passwords along with having customers answer questions from a pull-down menu.

United called its new security procedure a two-factor authentication system when in reality it doesn't use a second-device backstop check. United says the typical two-step authentication process wouldn't always work for travelers because they wouldn't get a text message while on an airplane.

Some people have complained about United's security as being too easily defeated. The airline is looking into implementing even better security.

Avoid these security mistakes

You need to stay on top of the constantly evolving world of cybercrime. It's not just your bank account that is at risk these days. With thieves targeting frequent-flyer miles now, nothing seems to be safe anymore.

With criminals trying to steal from us in more devious ways, you need to make it harder for them to succeed. Too many people continue to take security too lightly and make simple mistakes that they could easily fix.

Here are some security mistakes that you should avoid: 

  • Having a weak password - Using passwords that are easy for hackers to crack is a major problem. It's amazing the number of people that use their birthday, or even the word "password" as their password. Hackers use state-of-the-art technology to steal your information, the least you can do is come up with a stronger barrier. Here is a tip that will help you choose a stronger password.
  • Not paying attention to your account - You probably check your bank account or credit card statement often so you can make sure there is no strange activity. At least you should be! Well, you should also be checking your frequent-flyer account. Now that you know thieves are after bonus miles there's no excuse to avoid keeping track of your account.
  • Using the same password on multiple sites - Having the same password to access multiple accounts is a terrible idea. The recent theft of frequent-flyer miles is a perfect example. Cybercriminals were able to access frequent-flyer accounts by stealing the account holders' passwords from another site. Don't make this huge mistake!
  • Not shredding your boarding pass - Even though your frequent-flyer information isn't located on your boarding pass or e-ticket, criminals can still get it from them. A mobile barcode reader would be able to scan your boarding pass and get the frequent-flyer information. You should always make sure to shred your boarding pass or e-ticket and never leave them exposed in public.

Protect your rewards

Now that you know your frequent-flyer miles are in danger of being stolen, what can you do to protect them? The National Cyber Security Alliance works with Homeland Security. They recently gave suggestions on how to protect your rewards. Here are some security ideas:

  • Check your account - Make sure you check your account often, especially if you don't travel constantly.
  • Use the strongest authentication available - You should put your frequent-flyer security setting at the strongest available. If the airline offers two-step authentication, you should use it.
  • Don't click on unknown links - Links in emails, tweets, posts and online advertising could be malicious. If the link looks suspicious it could be from a cybercriminal trying to steal your information.
  • Have unique login credentials - Never use the same username or password on multiple accounts. If you have an account compromised on one site and it's the same credentials on another, it's at risk. And as we mentioned previously, make sure your password is strong and secure.
  • Use public Wi-Fi cautiously - When you travel, it's tempting to use the public Wi-Fi network at the airport, coffee shops and other venues, or even the guest login provided for your hotel room. But you probably shouldn't. Public Wi-Fi is open to everyone, which makes it a prime target for hackers. And every device is susceptible, no matter if it's your laptop, tablet or smartphone. If you do use public Wi-Fi, read this tip on how to keep from getting hacked.
  • Update your loyalty apps - If you are using a loyalty app, make sure it's up to date. New updates with security patches are always being released.
  • Protect your phone - If your phone is ever stolen it's best if you have it protected with a strong passcode.
Next Story
Source: WSJ
View Comments ()
Sponsor: 5 safety tips for living by yourself
Previous Tips

Sponsor: 5 safety tips for living by yourself

My mom was almost rental-scammed
Next Tips

My mom was almost rental-scammed