Dammit! Another account hack!
#1
Original Poster
Join Date: Dec 2014
Location: HKG
Programs: BAEC Gold, CX MPC Gold, Avis preferred plus, MyWaitrose card
Posts: 286
Dammit! Another account hack!
Sitting eating dinner when my phone suddenly goes crazy... over a hundred new emails in a minute to my personal email account. I have a quick scan through and see a BA Booking email. Quickly log on to my executive club account... 2 avios bookings for Langham hotel in Hong Kong, total ~150,000 avios. Booking made from someone in China!
Quickly changed BAEC password and phoned up the gold line to inform them and get my account locked, then spent the last hour checking all my other financial accounts that use that same email address... thankfully only BAEC seems to be affected.
It appears that whoever hacked it tried to hide the booking confirmation emails using spam bombing (I have had maybe 2000 emails over the last hour, mostly from wordpress@ .... .com), which thankfully alerted me to the hack. Problem is it has completely crippled my email for now!!
Not sure how they got my password, the only thing I can think of was that I was at Shanghai airport yesterday and logged onto the BA app on my phone whilst connected to the free airport wifi!!!
In the meantime, anyone IT literate got any suggestions on how to deal with this constant spamming.....
Quickly changed BAEC password and phoned up the gold line to inform them and get my account locked, then spent the last hour checking all my other financial accounts that use that same email address... thankfully only BAEC seems to be affected.
It appears that whoever hacked it tried to hide the booking confirmation emails using spam bombing (I have had maybe 2000 emails over the last hour, mostly from wordpress@ .... .com), which thankfully alerted me to the hack. Problem is it has completely crippled my email for now!!
Not sure how they got my password, the only thing I can think of was that I was at Shanghai airport yesterday and logged onto the BA app on my phone whilst connected to the free airport wifi!!!
In the meantime, anyone IT literate got any suggestions on how to deal with this constant spamming.....
#2
Join Date: Jan 2017
Programs: BA Gold
Posts: 461
Sorry to hear that, it sucks being the victim of such an attack.
The spam you will just have to live with for the short term. Moving forwards I would suggest a VPN (you can get Freedome which is what I use for very little money) although I'm not sure that would help you in China as VPNs are being blocked by the government.
I would also suggest getting a password manager such as LastPass (again, the one I use) and making sure every password is unique and 14 characters long.
Finally, enable Two Factor wherever you can. Not available for ba.com but make sure you have it on on your email etc.
Flying Monkie
The spam you will just have to live with for the short term. Moving forwards I would suggest a VPN (you can get Freedome which is what I use for very little money) although I'm not sure that would help you in China as VPNs are being blocked by the government.
I would also suggest getting a password manager such as LastPass (again, the one I use) and making sure every password is unique and 14 characters long.
Finally, enable Two Factor wherever you can. Not available for ba.com but make sure you have it on on your email etc.
Flying Monkie
Last edited by flyingmonkie; Aug 18, 2017 at 7:24 am Reason: Clarity.
#4
Moderator, Iberia Airlines, Airport Lounges, and Ambassador, British Airways Executive Club
Join Date: Feb 2010
Programs: BA Lifetime Gold; Flying Blue Life Platinum; LH Sen.; Hilton Diamond; Kemal Kebabs Prized Customer
Posts: 63,731
Thanks for the useful reminder that there are bad guys out there. I would also call the Langham and ensure they also have blocked the reservation.
Was your password unique to BA, or was it shared with other login websites?
Was your password unique to BA, or was it shared with other login websites?
#5
Suspended
Join Date: Feb 2006
Posts: 1,992
Sorry to hear that, it sucks being the victim of such an attack.
The spam you will just have to live with for the short term. Moving forwards I would suggest a VPN (you can get Freedome which is what I use for very little money) although I'm not sure that would help you in China as VPNs are being blocked by the government.
I would also suggest getting a password manager such as LastPass (again, the one I use) and making sure every password is unique and 14 characters long.
Finally, enable Two Factor wherever you can. Not available for ba.com but make sure you have it on on your email etc.
Flying Monkie
The spam you will just have to live with for the short term. Moving forwards I would suggest a VPN (you can get Freedome which is what I use for very little money) although I'm not sure that would help you in China as VPNs are being blocked by the government.
I would also suggest getting a password manager such as LastPass (again, the one I use) and making sure every password is unique and 14 characters long.
Finally, enable Two Factor wherever you can. Not available for ba.com but make sure you have it on on your email etc.
Flying Monkie
#6
Join Date: Jan 2017
Programs: BA Gold
Posts: 461
It wouldn't but it would make sure that every website has a unique password and so a hack of one does not equal a hack for all.
#7
A FlyerTalk Posting Legend
Join Date: Sep 2009
Location: Minneapolis: DL DM charter 2.3MM
Programs: A3*Gold, SPG Plat, HyattDiamond, MarriottPP, LHW exAccess, ICI, Raffles Amb, NW PE MM, TWA Gold MM
Posts: 100,369
I'm surprised that the hacker didn't try to change the email address on your BA account. That seems to be a common ploy, although good practice is to send a notice of the email change to the old email address, which you then (hopefully) would have noticed.
#8
Original Poster
Join Date: Dec 2014
Location: HKG
Programs: BAEC Gold, CX MPC Gold, Avis preferred plus, MyWaitrose card
Posts: 286
Thanks for the replies.
I have set up a rule to automatically delete any email with Wordpress in the sender line, which seems to have stopped most of them. They seem to be using a bot to sign my email address up to loads of websites/mailing lists!
Luckily my BA password is not the same as my other accounts, or my email address, but have just changed them all to be safe anyway.
I have IPVanish vpn app on my phone, but is has trouble connecting in China so didn't bother using it! Oh well, live and learn!
I have set up a rule to automatically delete any email with Wordpress in the sender line, which seems to have stopped most of them. They seem to be using a bot to sign my email address up to loads of websites/mailing lists!
Luckily my BA password is not the same as my other accounts, or my email address, but have just changed them all to be safe anyway.
I have IPVanish vpn app on my phone, but is has trouble connecting in China so didn't bother using it! Oh well, live and learn!
#9
Original Poster
Join Date: Dec 2014
Location: HKG
Programs: BAEC Gold, CX MPC Gold, Avis preferred plus, MyWaitrose card
Posts: 286
#10
Moderator, Iberia Airlines, Airport Lounges, and Ambassador, British Airways Executive Club
Join Date: Feb 2010
Programs: BA Lifetime Gold; Flying Blue Life Platinum; LH Sen.; Hilton Diamond; Kemal Kebabs Prized Customer
Posts: 63,731
Indeed, which is why the hacker sends 2,000 random emails to bury that crucial BAEC email. However it wouldn't surprise me that BA's IT slowed down the hacker for our valiant OP to intervene. I presume what happened here wasn't so much a hack of BA.com but a takeover of the BA App access on an emulator. Something rather common in that neck of the woods unfortunately.
#11
Suspended
Join Date: Mar 2014
Programs: Regarded as total and utter snob amongst the BAEC community.
Posts: 971
I would change your password first and speak to your your IT department ASAP to ensure your devices are not infected with any mal or spyware.
A few tips to prevent hacking in the future:
Never connect to any kind of public WIFI unless it is secured and protected.
Make sure your phone/laptop/tablet is upto date with all latest virus protection and security updates.
Never use public computers to logon to any accounts such as those in lounges or public spaces.
When creating passwords make them long and which uses a combination of upper, lower and special characters.
Hope this helps!
A few tips to prevent hacking in the future:
Never connect to any kind of public WIFI unless it is secured and protected.
Make sure your phone/laptop/tablet is upto date with all latest virus protection and security updates.
Never use public computers to logon to any accounts such as those in lounges or public spaces.
When creating passwords make them long and which uses a combination of upper, lower and special characters.
Hope this helps!
#12
Moderator, Iberia Airlines, Airport Lounges, and Ambassador, British Airways Executive Club
Join Date: Feb 2010
Programs: BA Lifetime Gold; Flying Blue Life Platinum; LH Sen.; Hilton Diamond; Kemal Kebabs Prized Customer
Posts: 63,731
[More boringly, what these hackers often do is sell the hotel reservation on to someone else, so whoever turns up at the hotel may well be someone naive enough to believe in a price that is too good to be true, but not necessarily a criminal].
#13
FlyerTalk Evangelist
Join Date: Jun 2004
Location: LON, ACK, BOS..... (Not necessarily in that order)
Programs: **Mucci Diamond Hairbrush** - compared to that nothing else matters (+BA Bronze)
Posts: 15,114
I would change your password first and speak to your your IT department ASAP to ensure your devices are not infected with any mal or spyware.
A few tips to prevent hacking in the future:
Never connect to any kind of public WIFI unless it is secured and protected.
Make sure your phone/laptop/tablet is upto date with all latest virus protection and security updates.
Never use public computers to logon to any accounts such as those in lounges or public spaces.
When creating passwords make them long and which uses a combination of upper, lower and special characters.
Hope this helps!
A few tips to prevent hacking in the future:
Never connect to any kind of public WIFI unless it is secured and protected.
Make sure your phone/laptop/tablet is upto date with all latest virus protection and security updates.
Never use public computers to logon to any accounts such as those in lounges or public spaces.
When creating passwords make them long and which uses a combination of upper, lower and special characters.
Hope this helps!
#14
Join Date: Nov 2015
Location: London
Programs: BA Gold
Posts: 1,680
I would change your password first and speak to your your IT department ASAP to ensure your devices are not infected with any mal or spyware.
A few tips to prevent hacking in the future:
Never connect to any kind of public WIFI unless it is secured and protected.
Make sure your phone/laptop/tablet is upto date with all latest virus protection and security updates.
Never use public computers to logon to any accounts such as those in lounges or public spaces.
When creating passwords make them long and which uses a combination of upper, lower and special characters.
Hope this helps!
A few tips to prevent hacking in the future:
Never connect to any kind of public WIFI unless it is secured and protected.
Make sure your phone/laptop/tablet is upto date with all latest virus protection and security updates.
Never use public computers to logon to any accounts such as those in lounges or public spaces.
When creating passwords make them long and which uses a combination of upper, lower and special characters.
Hope this helps!
Regardless of whether Wi-Fi is open or protected, if you visit only https sites then isn't the data secured between your device and the website? Does for example the BA app use a secure data connection method?
#15
Join Date: Jul 2013
Location: The World ;-)
Programs: OneWorld, Star Alliance, SkyTeam, AMEX
Posts: 322
They are absolutely safe for accessing sites or running apps on your own device.
An app like the BA one (or a banking app, or email client, etc.) would not send passwords in plaintext. Any API calls would be over an SSL connection and the API calls would follow something like OAuth2 standard, such as using bearer token authentication. I doubt OP's issues are due to him using the app over public wifi.