Recently there has been a dramatic increase in the stealing of frequent flier miles from the accounts of unsuspecting airline customers who participate in the various airline frequent flier programs. The reasons for this is because this kind of theft is easy to accomplish, easy to avoid detection and quite profitable. Hackers often take advantage of the fact that many people use the same username and password for many accounts. With so many usernames and passwords available to identity thieves due to the many data breaches that have become common occurrences, identity thieves are able to use usernames and passwords that they buy on the Dark Web, that part of the Internet where hackers buy and sell such information, to easily access the frequent flier accounts from people who use the same username and passwords for multiple accounts. In other instances, identity thieves will use socially engineered spear phishing emails to pose as the airlines and lure the victims into providing their usernames and passwords to the identity thief, often under the guise of confirming information for the airline.
However, sometimes victims of frequent flier miles scams merely turn over to the scammer their user name and password by clicking on links and responding to phishing emails like the one reproduced below. As phishing emails go, this one is pretty well done. The appearance, spelling and grammar of the email look legitimate and the purported reason for asking the victim to update their information due to new security features also appears legitimate. But it is not. It is a scam and people responding to this email by logging in to the site to which they are taken will end up providing their username and password to a scammer who will steal the frequent flier miles.
Because people so rarely monitor their frequent flier accounts, criminals who steal frequent flier miles often go undetected for long periods of time.
Once the criminal gains access to the account, they can profit from the information in many ways including redeeming the points for merchandise from retailers participating in the frequent flier program, transferring the points to another clean account from which they can use the points for themselves or redeeming the points for travel vouchers which they then sell posing as legitimate travel websites.
In order to protect yourself you should have a unique username and password for each of your online accounts including your frequent flier accounts. This is a basic tenet of online security that you should be following. If your program permits dual factor authentication, you should sign up for it. Refrain from providing your username and password even if it appears it is being requested from your airline’s frequent flier program. If you have any question as to whether such a request contained in an email is legitimate, you should merely contact the airline by phone at a number that you know is accurate to confirm that the request was a scam.
In regard to protecting yourself from phishing emails such as this, you can look for red flags such as the fact that your account number does not appear anywhere in the email. However, the safest tact to take is to never log in to any website from an email. If you had any belief that the email was legitimate, you should merely go to the Delta website directly and not from an email that you can never be sure is legitimate.
Also, monitor your account regularly even if you are not flying in order to become aware as early as possible if there has been a security breach in your account.
Finally, you should always shred your boarding passes. Don’t merely thrown them away in trash receptacles at the airport. The bar code on your boarding pass contains important information including your frequent flier account number that can be used to make you a victim of identity theft.
If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of www.scamicide.com and click on the tab that states “Sign up for this blog.”
Here is the phishing email presently being circulated.