
Account fraud / breach: my account compromised, awards taken, etc.

Old Aug 22, 2015, 2:16 pm
FlyerTalk Forums Expert How-Tos and Guides
Last edit by: Prospero
This thread is dedicated to issues around American Airlines AAdvantage accounts being invaded, taken over or compromised resulting in theft of awards, miles, upgrades and other instruments - and related issues.

For issues about account freezes or closures, airline accusations of fraud against the AAdvantage program and the like, please see: Account audit / fraud: award / miles / SWU / VIP sale, barter, etc (consolidated).

If you find your account has been breached or have unexplained activity such as awards you did not arrange, contact AA immediately to protect and gain control over your account and to be made whole.

To help protect your account, be sure to:
  • have a strong, protected and secure password
  • check your account periodically
  • be aware and keep track of your transactions
  • control or destroy documents such as boarding passes
  • use antivirus software: if your personal computer is hacked, the attacker can gain control of your AA account
  • be very wary of logging into your account on public computers, like at internet cafés or the hotel business center, where keystroke loggers could be installed

If your email information is correct in aa.com, changes to your account should be sent to you as follows (even if someone changes your email address, though it's of no help if someone pirates your email account):

Dear JDiver,

Thanks for visiting AA.com. This email confirms that your account has been updated as follows.

Your contact information has been updated, but is not included in this e-mail for the security of your account.

If you did not change your contact information or if you have any concerns about your account, please contact aa.com Web Services.

If you have unsubscribed to one of our email products, we will remove your address from our mailing list as soon as possible. Please be aware that you may continue to receive emails for up to 10 business days.

If you have subscribed to AA email products and are not receiving them, your Internet Service Provider (ISP) may use filters to prevent unwanted emails from reaching your inbox. Sometimes, these filters also block messages you want to receive. In most cases, adding us to your list of trusted senders will solve this issue. In AOL, select "Add Address"; in Yahoo! Mail, Outlook or Outlook Express select "Add To Address Book"; or Hotmail or MSN, select "Save Address(es)". If you need further assistance, contact your ISP's technical support department and ask how to "whitelist" emails from AA.

AA.com
American Airlines
Old Sep 6, 2016, 4:37 pm
  #361  
 
Join Date: Jan 2010
Programs: AA PLT the rest, Kettle Power
Posts: 667
AA Account Hacked? - award tickets booked

Strange goings on today. I called to have a cancelled award ticket's miles reinstated - 90k miles. All went fine, miles posted great.

Rechecked - slightly obsessive - later in the day and I see 3 deductions from my account, all amounting to exactly 90k...

Called in to find out why the miles were gone and the AAgent asked me if I'd recently booked award tickets... nope. To Cairo... nope. For someone called Amir... nope.

A little heads up in case this is another case of widespread hacking, check your accounts regularly. It could also be that somehow I alone was hacked/someone found my AA # and managed to bypass AA's security questions. A little too convenient that it was exactly 90k, the same amount that was just credited to my account...

AA is looking into it, I'll update with any info I get.
TGGDEL is offline  
Old Sep 6, 2016, 4:45 pm
  #362  
A FlyerTalk Posting Legend
 
Join Date: Jan 2002
Posts: 44,622
A booking could be made, but AA does send out an email to the account holder's email address to inform that a redemption has been made, which should allow such things to be caught, rather than worrying about checking frequently
Dave Noble is offline  
Old Sep 6, 2016, 4:48 pm
  #363  
 
Join Date: Jan 2010
Programs: AA PLT the rest, Kettle Power
Posts: 667
You're right, that should happen. In this case it didn't, I received no email, I was completely bypassed.
TGGDEL is offline  
Old Sep 6, 2016, 4:51 pm
  #364  
 
Join Date: Jul 2010
Location: SFO
Programs: AA EXP
Posts: 5,270
Originally Posted by TGGDEL
You're right, that should happen. In this case it didn't, I received no email, I was completely bypassed.
In my experience, the "Your recent AAdvantage award redemption" email typically arrives a day or two after I redeem miles.

Anyhow, this is most likely not a case of hacking, but rather the agent forgetting to switch to the next customer's account when pulling their requested awards -- similar cases have been reported here occasionally (though the 90k is an odd coincidence).
rjw242 is offline  
Old Sep 6, 2016, 4:54 pm
  #365  
Moderator: American AAdvantage
 
Join Date: May 2000
Location: NorCal - SMF area
Programs: AA LT Plat; HH LT Diamond, Maître-plongeur des Muccis
Posts: 62,948
Shokran gazilan!

Your new friend,

Amir


When I book awards, I get

Hello JDiver,
AAdvantage Number: OINFO4U ,

We have deducted AAdvantage® miles from your account and issued the following:

Date Issued Mileage Description
08-31-2016 110,000 Flight Award
08-31-2016 110,000 Flight Award

Just in case you did not authorize these miles to be deducted, please contact us so we can assist you.

If your redemption was for a flight, car or hotel award, you will receive your confirmation and any applicable vouchers separately.

Sincerely,

Janet L. Ferguson
Director
AAdvantage Customer Service
But it does look like someone broke into your account, so right now yesterday is the time to change and strengthen your password. I hope AA catches "Amir".

We will merge this into the existing thread. /Moderator
JDiver is offline  
Old Sep 6, 2016, 4:57 pm
  #366  
A FlyerTalk Posting Legend
 
Join Date: Sep 2009
Location: Minneapolis: DL DM charter 2.3MM
Programs: A3*Gold, SPG Plat, HyattDiamond, MarriottPP, LHW exAccess, ICI, Raffles Amb, NW PE MM, TWA Gold MM
Posts: 100,417
Originally Posted by TGGDEL
You're right, that should happen. In this case it didn't, I received no email, I was completely bypassed.
If someone hacked into your account, they may have changed your email address on the account too, although that should generate a change of email address message sent to the old email address.
MSPeconomist is offline  
Old Sep 6, 2016, 6:42 pm
  #367  
 
Join Date: Jan 2010
Programs: AA PLT the rest, Kettle Power
Posts: 667
AA is trying to find out who my new friend, Amir, is. They're most concerned about the 'lucky' coincidence of exactly 90k going in and coming out... I changed my password immediately.
Of note, I put on hold an EY award ticket yesterday and got the email conf within a few hours, agreed it can take time though. The red flag to me is that the agent asked me to read my email twice, and implied the conf emails had been sent to another address...
Thanks for moving Mods, didn't know this thread existed...
TGGDEL is offline  
Old Sep 6, 2016, 6:58 pm
  #368  
Suspended
 
Join Date: Mar 2001
Location: FIND ME ON TWITTER FOR THE LATEST
Posts: 27,730
Originally Posted by TGGDEL
...They're most concerned about the 'lucky' coincidence of exactly 90k going in and coming out....
Sound like there's at least the possibility they are considering the breach might have come from within your household or circle of acquaintances, etc.
JonNYC is offline  
Old Sep 6, 2016, 7:11 pm
  #369  
 
Join Date: Jan 2010
Programs: AA PLT the rest, Kettle Power
Posts: 667
Originally Posted by JonNYC
Sound like there's at least the possibility they are considering the breach might have come from within your household or circle of acquaintances, etc.
Between my 1 month old son and my wife, neither of whom were aware of my call to AA today to redeposit the miles from an old ticket, I'm thinking it must have been my son...maybe he has a friend called Amir?
TGGDEL is offline  
Old Sep 6, 2016, 7:36 pm
  #370  
Suspended
 
Join Date: Mar 2001
Location: FIND ME ON TWITTER FOR THE LATEST
Posts: 27,730
Originally Posted by TGGDEL
Between my 1 month old son and my wife, neither of whom were aware of my call to AA today to redeposit the miles from an old ticket, I'm thinking it must have been my son...maybe he has a friend called Amir?
They -do- grow up quick nowadays!
JonNYC is offline  
Old Sep 6, 2016, 7:54 pm
  #371  
 
Join Date: Jan 2010
Programs: AA PLT the rest, Kettle Power
Posts: 667
My own fault for buying him that fisher price phone...

In all seriousness though, they did ask repeatedly if I or anyone had booked any flights today, and whether I knew someone called Amir. So Jon is right, they're trying to eliminate anyone in my circle I guess.

Hopefully this is resolved soon so I can get on with ticketing my EY F hold...
TGGDEL is offline  
Old Sep 7, 2016, 1:55 am
  #372  
FlyerTalk Evangelist
 
Join Date: May 2004
Location: DFW/DAL
Programs: AA Lifetime PLT, AS MVPG, HH Diamond, NCL Platinum Plus, MSC Diamond
Posts: 21,422
Originally Posted by nrr
Some general comments about "secure" info:
(1)People (frequently) leave bps in the back seat pockets--their FF# and name are now exposed.
(2)A "simple" google search, would reveal their address and phone number, age, close relatives. from the name alone. [A deeper search (for a fee) would uncover MUCH more.]
(3)If you are employed by a [NYS] state gov't agency, your salaries for the last several years are a "public" record.
(4)If I purchase something from AMAZON, they know my AMEX reward balance...so if AMAZON were "hacked", some/all of my AMEX info could be exposed. [Lots of cross linking of accts, leaves them open to hackers.]
On line merchants (airlines INCLUDED*), should use a 2-pass verification system (like gmail allows you to set-up, if you access your mail from an unknown computer).
*ESPECIALLY when mile redemptions are involved.
I will add that when I searched for someone's name in google, I got Florida voter info, including registered party for different elections, date of birth, and address, etc..........
mvoight is offline  
Old Sep 9, 2016, 12:14 pm
  #373  
 
Join Date: Apr 2011
Location: New York
Programs: AA EXP 1.0mm, not sure where I am with hotels these days
Posts: 2,795
Originally Posted by rjw242
Anyhow, this is most likely not a case of hacking, but rather the agent forgetting to switch to the next customer's account when pulling their requested awards -- similar cases have been reported here occasionally (though the 90k is an odd coincidence).
That has happened to me with SWUs.
george 3 is offline  
Old Sep 9, 2016, 12:45 pm
  #374  
 
Join Date: Jul 2001
Programs: AA EP
Posts: 2,203
Originally Posted by TGGDEL
Strange goings on today. I called to have a cancelled award ticket's miles reinstated - 90k miles. All went fine, miles posted great.

Rechecked - slightly obsessive - later in the day and I see 3 deductions from my account, all amounting to exactly 90k...

Called in to find out why the miles were gone and the AAgent asked me if I'd recently booked award tickets... nope. To Cairo... nope. For someone called Amir... nope.

A little heads up in case this is another case of widespread hacking, check your accounts regularly. It could also be that somehow I alone was hacked/someone found my AA # and managed to bypass AA's security questions. A little too convenient that it was exactly 90k, the same amount that was just credited to my account...

AA is looking into it, I'll update with any info I get.
Probably the agent still had your account up on his/her screen when they took a subsequent call where the person was redeeming miles. Happened to me a few times with SWU usage.
AAExecPlatFlier is offline  
Old Sep 9, 2016, 4:29 pm
  #375  
 
Join Date: Jul 2009
Location: SJC
Programs: AA, AS, Marriott
Posts: 6,064
Originally Posted by george 3
That has happened to me with SWUs.
This happened to me about 7 months ago with a SWU. AA was able to restore it and deduct from the proper account.
Majuki is offline  

