Originally Posted by
wco81
Yeah I don't know if they can change the passenger or have a refund sent to themselves?
I've heard of some claims of people having their FF accounts robbed of their miles though.
I wish both airlines and credit card rewards programs had better security but even financial institutions aren't using 2FA widely. Well some are but not most banks and credit unions or credit card issuers.
With a record locator and passenger name, the frequent flyer number can be grabbed rather often and then sometimes misused rather easily by some. If having a contact in an airline, it's also sometimes possible to use the accessed eticket info to get some idea about the credit card number and then use that also to get other info to have a reasonly good idea of what the credit card number may be. Given how lots of bank card transactions don't rely upon chip or PIN tied verification and don't even require the 3/4 digit security code, see where this goes?