Last edit by: Prospero
This thread is dedicated to issues around American Airlines AAdvantage accounts being invaded, taken over or compromised resulting in theft of awards, miles, upgrades and other instruments - and related issues.
For issues about account freezes or closures, airline accusations of fraud against the AAdvantage program and the like, please see: Account audit / fraud: award / miles / SWU / VIP sale, barter, etc (consolidated).
If you find your account has been breached or have unexplained activity such as awards you did not arrange, contact AA immediately to protect and gain control over your account and to be made whole.
To help protect your account, be sure to:
- have a strong, protected and secure password
- check your account periodically
- be aware and keep track of your transactions
- control or destroy documents such as boarding passes
- use antivirus software; if your personal computer is hacked, they can gain control of your AA account
- be very wary of logging into your account on public computers, like at internet cafés or the hotel business center, where keystroke loggers could be installed
If your email information is correct in aa.com, changes to your account should be sent to you as follows (even if someone changes your email address, though it's of no help if someone pirates your email account):
Dear JDiver,
Thanks for visiting AA.com. This email confirms that your account has been updated as follows.
Your contact information has been updated, but is not included in this e-mail for the security of your account.
If you did not change your contact information or if you have any concerns about your account, please contact aa.com Web Services.
If you have unsubscribed to one of our email products, we will remove your address from our mailing list as soon as possible. Please be aware that you may continue to receive emails for up to 10 business days.
If you have subscribed to AA email products and are not receiving them, your Internet Service Provider (ISP) may use filters to prevent unwanted emails from reaching your inbox. Sometimes, these filters also block messages you want to receive. In most cases, adding us to your list of trusted senders will solve this issue. In AOL, select "Add Address"; in Yahoo! Mail, Outlook or Outlook Express select "Add To Address Book"; or Hotmail or MSN, select "Save Address(es)". If you need further assistance, contact your ISP's technical support department and ask how to "whitelist" emails from AA.
AA.com
American Airlines
Account fraud / breach: my account compromised, awards taken, etc.
#106
Join Date: Jan 2005
Programs: UA GOLD MM,WN CP A+list, HH Gold,MR LT Titanium
Posts: 2,184
So it now appears that AA may be blaming the victim (OP) here, despite that he has reported the fraud himself and gone to great lengths to assist AA in tracking down the culprits.
Corporate Security must have all the information that they need by now, as the OP has worked with many others at AA to clear this situation. One hand at AA is obviously not communicating with the other and the OP is stuck in the middle as the victim.
#107
Join Date: Apr 2009
Location: YYF/YLW
Programs: AA, DL, AS, VA, WS Silver
Posts: 5,951
A password manager is just storing all of your passwords (1Password, and I assume others, can also store pretty much anything you ask it to) in a secure database, encrypted using your master password (typically with multiple layers of encryption; any password manager worth using should describe in detail how your database is kept safe. Awardwallet does this too.). When asked, it will insert the passwords into web sites or allow you to copy the password; you can paste each password anywhere you like (at your risk), including in awardwallet (if awardwallet stores your passwords).
1Password (and I assume others) won't autofill the password on a web site that isn't listed in the particular login item to prevent you from sending your password to a scam web site, so you'll probably have to copy and paste to insert airline passwords into awardwallet, which is easy; no different than typing them in at first.
(Mods, if this is getting off topic, feel free to split and move off to a different forum if appropriate.)
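The site check described in the post above, sketched as an added example; it is not part of the original thread and not 1Password's implementation. The names `savedLogin` and `autofillDecision`, the exact-host matching rule and all URLs are assumptions made for illustration.

```javascript
// Added illustration of an origin-bound autofill decision (hypothetical code).
// The saved login item and every URL used with it are constructed sample data.
const savedLogin = {
  title: "Airline account (sample)",
  username: "flyer@example.com",
  allowedHosts: ["www.airline.example"], // hosts listed in the login item
};

// Decide whether a saved login may be filled into the page at pageUrl.
// Returns { fill: boolean, reason: string }.
function autofillDecision(pageUrl, login) {
  let url;
  try {
    url = new URL(pageUrl);
  } catch {
    return { fill: false, reason: "unparseable URL" };
  }
  // Never release a password onto a page loaded without TLS.
  if (url.protocol !== "https:") {
    return { fill: false, reason: "not https" };
  }
  // URL.hostname is lowercased, punycode-encoded and excludes any "user@"
  // prefix, so https://www.airline.example@lookalike.test/ is judged by its
  // real host (lookalike.test), not by the text a person sees first.
  const host = url.hostname.replace(/\.$/, ""); // ignore a trailing dot
  const listed = login.allowedHosts.some((h) => h.toLowerCase() === host);
  return listed
    ? { fill: true, reason: "host listed in login item" }
    : { fill: false, reason: `host ${host} not listed in login item` };
}
```

Copying and pasting a password by hand bypasses this check entirely, which is why the post calls pasting "at your risk".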
#108
Join Date: Apr 2009
Location: YYF/YLW
Programs: AA, DL, AS, VA, WS Silver
Posts: 5,951
So it now appears that AA may be blaming the victim (OP) here, despite that he has reported the fraud himself and gone to great lengths to assist AA in tracking down the culprits.
Corporate Security must have all the information that they need by now, as the OP has worked with many others at AA to clear this situation. One hand at AA is obviously not communicating with the other and the OP is stuck in the middle as the victim.
The OP is certainly a victim here, but I don't think he's a victim of AA (or at least he won't be a victim of AA once all is said and done).
#109
Join Date: Oct 2003
Location: DCA
Programs: UA LT 1K, AA EXP, Bonvoy LT Titan, Avis PC, Hilton Gold
Posts: 9,658
Wonder how your information was obtained?
Do you use GoGo WiFi? Someone on the plane could have hacked.
Maybe hotel WiFi?
Or someone may have seen your boarding pass, but then they would have to hack the PW.
I do worry about GoGo and other public WiFi. Do you use a VPN?
#110
Join Date: Apr 2009
Location: YYF/YLW
Programs: AA, DL, AS, VA, WS Silver
Posts: 5,951
You should never be connecting to an airline web site over an insecure connection anyway, so a VPN shouldn't matter (not that a VPN is a bad idea anyway). Unless the OP hasn't changed passwords since the Heartbleed bug came out.
#111
Join Date: Sep 2009
Location: Global
Posts: 5,998
It's certainly true that there's a bit of different groups in AA not talking to each other, but I'll give them the benefit of the doubt here. I very much doubt that this will result in Gardyloo's miles being taken away. Instead, I prefer to assume for now that that form email was sent out automatically when security locked the account to investigate the fraud. At the very least, I'd reserve judgement.
The OP is certainly a victim here, but I don't think he's a victim of AA (or at least he won't be a victim of AA once all is said and done).
A FF who called in to report a fraudulent use of miles is a victim again because AA did not proactively freeze account changes OR freeze the miles OR change the account number OR set up a fraud alert is not a good story for AA.
I think there will be some hoops to jump through, but AA will restore all in the end.
#112
FlyerTalk Evangelist
Join Date: Sep 2003
Location: HH Diamond, Marriott Gold, IHG Gold, Hyatt something
Posts: 33,539
I was on this flight/cabin two days before. Not bad, but I miss the nice salmon/caviar.
#113
Join Date: Aug 2004
Programs: AA (EP), Hilton (Diamond), Marriott Bonvoy (Titanium)
Posts: 8,937
this is a good opportunity to remind everyone that a password manager (I use 1Password because they have an excellent and very communicative approach to security; I've also read good things about LastPass and Apple's Keychain for Mac/iOS users) to ensure strong passwords which are independent for every one of one's accounts without the impossible task of memorizing them all can prevent issues like this from cascading from one account to another.
One of the nice features of 1Password is that it makes it easy to change passwords. After you do, you can paste the new password into Awardwallet.
#114
Join Date: Sep 2009
Location: Global
Posts: 5,998
I would agree unlikely, but, we simply do not know for certain.
#115
Join Date: Dec 2005
Location: California
Programs: AA EXP...couple hotels and cars too
Posts: 4,548
#116
Join Date: Aug 2004
Programs: AA (EP), Hilton (Diamond), Marriott Bonvoy (Titanium)
Posts: 8,937
Having re-read Jon's comment, I think I did misunderstand, but in a different way: I now think Jon meant that there was no chance of the passenger being apprehended (by law enforcement).
#118
Moderator, OneWorld
Original Poster
Join Date: Feb 2002
Location: SEA
Programs: RAA RIP; AA ExEXP
Posts: 11,802
#119
FlyerTalk Evangelist
Join Date: Oct 1999
Location: Juneau, Alaska.
Programs: AS 75K;BA Silver;AA G;HH Dia;HY Glob
Posts: 15,815
I assume that your account still remains suspended? Is the suspension affecting any trips you might have been planning?
#120
Join Date: Mar 2015
Posts: 1,620
A fellow Physician at the Hospital had his account hacked last year and AA froze his account but eventually did unfreeze it and re-instated all the miles that were stolen.
I remember at the time he was a little miffed because the first contact with AA Corporate Security seemed to blame him rather than treat him like a victim.
However, he said once he responded to the original email further communications started to change in tenor and started to treat him as a victim and a desire to help him, not blame him.
I think he said eventually AA Corporate Security had him change his password again, even though he changed it immediately after he realized what had happened.
My only thought is that AA Corporate Security first contact should not be so accusatory in tone to people who truly did nothing wrong.
I have come to find that people in Security roles sometimes forget that not everyone is a bad apple. In fact, just the other day I had to deal with a Police Officer who brought in an arrestee to be treated and I had to remind the Police Officer that I did nothing wrong and would appreciate that he treats me as a law-abiding citizen and not a would-be criminal.