Thousands of stolen frequent flyer miles of top airlines sold on Dark Web

Stolen frequent flyer miles of top airlines sold on Dark Web

Dark Web has become a business hub for malicious hackers and cybercriminals.

It seems like there is nothing that is spared from the prying eyes of cybercriminals and the Dark Web has become a thriving ground for all types of illegally acquired data and criminals activities. However, this time around researchers from CompariTech haven’t identified illegal goods or drugs but frequent flyer miles being sold at the Dark Web.

Believe it or not, but the now it is possible to buy frequent flyer miles on the dark web marketplace; these miles are usually associated with a specific user who receives it after flying frequently with a particular airline and can redeem them on future trips. Using them, a flyer can avail discounts and even free travel as well as access to exclusive airport lounges and upgrades to first class or business class at huge discounts.

See: Hackers take free rides by hacking American, United airlines accounts

CompariTech researchers have discovered the list of frequent flyer miles for sale. Cybercriminals, researchers believe, have benefitted from lax policies to steal such private information and convert it into a profit-making commodity.

It is also noted that the flyer points are available for just a fraction of the cost that legitimate buyers are required to pay and hundreds of thousands of frequent flyer points are on sale. It is identified that the average minimum rate of a single batch of stolen flyer points is $31.

Comparitech’s privacy advocate Paul Bischoff explains that air miles are available for a number of companies including Emirates, British Airways, Delta, and Alaska Air, etc.

Moreover, 100,000 British Airways air miles are on sale for $144, 45,000 Delta SkyMiles are on sale for $101, 100,000 Emirates Skywards miles are on sale for $520, and 100,000 Virgin Atlantic Flying Club points can be bought for $884.  The list is available for sale on the Dream Market, Berlusconi Market, and Olympus as well apart from the Dark Web.

Screenshot of the data sold on Dark Web (Image credit: Comparitech)

It is possible to steal air miles by hijacking a customer’s account or exploiting loopholes in the airlines’ systems for transferring the data. After securing the air miles, these are transferred into a new legitimate account or redeemed immediately. Purchases can be made in Bitcoin and Monero.

CompariTech also revealed that the listings are shown as Clean, which means the account hasn’t been blocked by the airlines, and Tainted, which means that the points may be difficult to claim or transfer.

See: Dark web marketplace selling access to the airport’s security system

It is quite easy to steal flyer miles since all that a hacker need is your username, password, and a PIN number as per the policy of the airlines. This data is also up for sale on the Dark Web. Therefore, if you are a frequent traveler and collect miles and flyer points, then it is important to keep checking your account to prevent hacking.

You can do so by avoiding sharing your account number with anyone and use a strong password comprising of numbers, alphabets, and symbols. Furthermore, never write your account number on any of your luggage tags. If you find your points to be hacked, the first line of action should be to contact the airlines.

Related Posts