American Airlines and United Airlines both have recently announced that last month frequent flier accounts for thousands of their customers were hacked by identity thieves stealing miles to book free trips and upgrades. Although the hacking occurred in December, the airlines are just now notifying affected customers. Both affected airlines have informed the victims of the hackings that their stolen miles will be restored to their accounts. It is important to note the important distinction that the computers of American Airlines and United Airlines were not hacked, but rather individual accounts of customers whose usernames and passwords has somehow been obtained by the identity thieves to gain access to their frequent flier accounts.
The lesson of this scam is one that I have previously mentioned many times, namely, you should use complex usernames and passwords and, most importantly, have different usernames and certainly different passwords for all of your accounts. Otherwise you are at risk for all of your online activities from banking to retail purchases if someone manages to steal just one account’s username and password. I have written extensively about how to pick a difficult to steal, but easy to remember password many times before, but one tip is definitely worth remembering. Pick a phrase, such as “IDon’tLikePasswords” and you can use this complex and strong password which has symbols, small letters and capital letters and then strengthen it further by adding a couple of exclamation points at the end to read “IDon’tLikePasswords!!” and then use it as a base password that you distinguish with a few letters for each account. So, for example, if the password were to be for your American Airlines frequent flier account, you could make the password “IDon’tLikePasswords!!AM.”