Attracted by destination vacations, cash incentives and other luxury items, airline reward thieves have made frequent flyer miles a prime target. In January of 2015, CBS News reported that American Airlines had as many as 10,000 passwords hacked. In addition, United Airlines stated thieves made reservations or transactions with miles on up to three dozen accounts.
Hackers Steal Airline Program Passwords to Cash in Rewards
In both the American and United reward program attacks, criminals did not break into computer systems. Instead thieves stole members’ passwords from another source to gain access to airline frequent flyer accounts. Thieves then bought airline tickets with stolen miles and sold the tickets on the black market.
Staying one step ahead of airline reward program fraud isn’t easy, but by putting the right systems in place and increasing awareness you can reduce the risks. Since the password is the first line of defense against airline reward program fraud, it’s going to be a key component in keeping airline programs secure.
5 Ways to Reduce Airline Frequent Flyer Fraud
- Require Frequent Password Changes: Although this one can be a challenge, most consumers understand it helps keep their account information and airline reward miles secure.
- Verify Email Addresses: By using a solution to verify email addresses, you can keep frequent flyer miles secure. Your chosen solution should feature intelligent risk assessment to evaluate the risk of airline fraud based on the email address used in each transaction.
- Use a Password Manager: Educating consumers on the importance of securing passwords in a trustworthy password manager instead of on the side of a computer terminal is key to avoiding airline program fraud.
- Require a Strong Password: Strong passwords combine upper and lower case characters and contain both alpha and numeric characters. Mixing these up can make for a stronger password that’s tougher to hack.
- Add Two-Factor Authentication: Some travel websites are keeping airline rewards secure by adding steps to the login process. For example, users need to answer a security question in addition to entering a login id and password.
The airline fraud incidents at United and American Airlines serve as a wake up call to secure an airline rewards program.
With Emailage, you can assess whether the email used in the transaction is valid or at high risk for airline program fraud. With data on 96% of emails globally, Emailage provides a simple layer to add to your fraud prevention strategy. Learn more about how Emailage can help your fraud team, by visiting our airline information page.