Hackers Targeting Your Airline Miles and Travel Points
Today, cybercriminals are increasingly targeting airline miles and travel points. Most people do not regularly monitor their hotel or airline points accounts, making them vulnerable to theft. Security experts note a surge in hacking of loyalty accounts in recent years, driven by the criminals seeking easier targets. Hackers are exploiting a common security mistake of using the same password across multiple accounts to gain unauthorized access to airline and hotel loyalty accounts. Loyalty programs are akin to bank accounts, with billions of dollars worth of points exchanging hands each year. While credit card fraud protection has improved, loyalty accounts remain at risk due to lax security measures.
How Hackers Exploit Loyalty Accounts
- Shift from credit card fraud to loyalty account takeovers has caught Airlines off guard.
- Hackers use databases of login credentials from website breaches to test on airline and hotel loyalty accounts.
- Cybercriminals leverage bots to carry out massive credential stuffing attacks.
Rise in Credential Stuffing Attacks
Between the fourth quarter of 2013 and the first quarter of 2014, attacks on airline accounts saw a 166% increase. Cybersecurity experts warn that hackers in Vietnam, China, and Russia are selling tools for credential stuffing attacks, making it easier for non-developers to commit cybercrimes. These attackers are even offering tech support to buyers, lowering the barrier to entry for such malicious activities.
Monetizing Hacked Loyalty Accounts
- Cybercriminals compromise accounts and sell access to them through Telegram and WhatsApp groups.
- Compromised accounts are often priced at 80% or less of their actual value.
- Hacked accounts are cashed out by redeeming points for gift cards or purchasing airline tickets.
Loyalty Accounts as Valuable Targets
Loyalty accounts have become lucrative targets due to the success of Airlines promoting co-branded credit cards. With the majority of points earned through credit card rewards, hackers see an opportunity to profit from compromised accounts. Despite the rising value of loyalty accounts, security measures within the airline industry have not kept pace, leaving them vulnerable to cyberattacks.
Hot Take: Protect Your Loyalty Accounts
As cybercriminals increasingly target airline miles and travel points, it is crucial for travelers to safeguard their loyalty accounts. By using unique and secure passwords, monitoring account activity regularly, and enabling multi-factor authentication where available, users can reduce the risk of falling victim to credential stuffing attacks. Stay vigilant and proactive in protecting your valuable loyalty rewards from malicious actors online.
By
By
By
By
