Had an odd morning today. I usually get about 20 to 30 emails a day, mostly spam. But today, I found 126 unread emails in my inbox. One of them was from an airline, saying ‘Your email address was changed…’ I hadn’t done that, so I logged into my account and found that 140,000 miles had been used. I called the airline, and they told me that there were flights booked to Brazil using my miles, departing from various airports today. Thankfully, they canceled the tickets, and I was given a new frequent flier account. I hope the people who did this got caught at the airport.
Just a heads up for new users… when you post here, scammers might start messaging you saying they know a hacker or recovery expert who can help you get your money back, for a small fee. We call them recovery scammers. Never take advice in private messages—always stick to public comments where the community can watch out for you. If you get messages offering help, it’s probably a scam.
It’s always a good idea to use long, complex passwords. Accounts like rewards or loyalty programs are common targets for hackers. Some scammers even have help from inside people at the company. After they steal your miles, they offer them on sites like Telegram at a discount.
@Magdalina
And if it’s available, use two-factor authentication (2FA) for added security.
Ayva said:
@Magdalina
And if it’s available, use two-factor authentication (2FA) for added security.
Also, email is a better choice for 2FA than using your phone number. Services like Gmail and Hotmail allow you to set up recovery without a phone number, which can protect you from SIM swapping attacks.
@Magdalina
Never reuse passwords. If your info gets leaked, hackers use bots to try those same passwords on other sites. Reusing the same password can let them get into everything.
It’s a terrible situation. Enable 2FA and use strong, unique passwords to avoid it happening again. And by the way, no one was arrested. Those flights were likely booked by others who were scammed too.
@Everly
And they probably paid for the taxes with stolen credit cards too.
Claire said:
@Everly
And they probably paid for the taxes with stolen credit cards too.
I had something similar happen years ago. A scammer called our company’s travel agent, pretending to be a high-ranking employee. They ordered plane tickets for different people, charging our account. Once we found out, we canceled all the tickets. Some of the outbound flights had already been used, so we could only cancel their return tickets, leaving those people stranded. I didn’t feel bad for them at all.
If you want to prevent this from happening again, ditch your current email address, create a new one, and don’t give it out to anyone. Use an alias provider like Addy.io, and give each website a different email address. If one gets spammed, just delete it and make a new one. Also, always use a password manager and make sure you have unique, long, and random passwords for each site.
It’s a good idea to keep financial and travel accounts with their own separate email addresses or aliases. My airline now requires 2FA if I try logging in from a new location or after deleting cookies, which helps add an extra layer of security.