Aug 22, 2015, 2:16 pm
Last edit by: Prospero
This thread is dedicated to issues around American Airlines AAdvantage accounts being invaded, taken over or compromised resulting in theft of awards, miles, upgrades and other instruments - and related issues.
For issues about account freezes or closures, airline accusations of fraud against the AAdvantage programm and the like please see: Account audit / fraud: award / miles / SWU / VIP sale, barter, etc (consolidated).
If you find your account has been breached or have unexplained activity such as awards you did not arrange, contact AA immediately to protect and gain control over your account and to be made whole.
To help protect your account, be sure
If your email information is correct in aa.com, changes to your account should be sent to you as follows (even if someone changes your email address, though it's of no help if someone pirates your email account):
For issues about account freezes or closures, airline accusations of fraud against the AAdvantage programm and the like please see: Account audit / fraud: award / miles / SWU / VIP sale, barter, etc (consolidated).
If you find your account has been breached or have unexplained activity such as awards you did not arrange, contact AA immediately to protect and gain control over your account and to be made whole.
To help protect your account, be sure
- Have a strong, protected and secure password
- check your account periodically
- be aware and keep track of your transactions
- control or destroy documents such as boarding passes
- use antivirus software- if your personal computer is hacked they can gain control of your AA account
- Be very wary of logging into your account on public computers, like at internet cafés or the hotel business center, where keystroke loggers could be installed
If your email information is correct in aa.com, changes to your account should be sent to you as follows (even if someone changes your email address, though it's of no help if someone pirates your email account):
Dear JDiver,
Thanks for visiting AA.com. This email confirms that your account has been updated as follows.
Your contact information has been updated, but is not included in this e-mail for the security of your account.
If you did not change your contact information or if you have any concerns about your account, please contact aa.com Web Services.
If you have unsubscribed to one of our email products, we will remove your address from our mailing list as soon as possible. Please be aware that you may continue to receive emails for up to 10 business days.
If you have subscribed to AA email products and are not receiving them, your Internet Service Provider (ISP) may use filters to prevent unwanted emails from reaching your inbox. Sometimes, these filters also block messages you want to receive. In most cases, adding us to your list of trusted senders will solve this issue. In AOL, select "Add Address"; in Yahoo! Mail, Outlook or Outlook Express select "Add To Address Book"; or Hotmail or MSN, select "Save Address(es)". If you need further assistance, contact your ISP's technical support department and ask how to "whitelist" emails from AA.
AA.com
American Airlines
Thanks for visiting AA.com. This email confirms that your account has been updated as follows.
Your contact information has been updated, but is not included in this e-mail for the security of your account.
If you did not change your contact information or if you have any concerns about your account, please contact aa.com Web Services.
If you have unsubscribed to one of our email products, we will remove your address from our mailing list as soon as possible. Please be aware that you may continue to receive emails for up to 10 business days.
If you have subscribed to AA email products and are not receiving them, your Internet Service Provider (ISP) may use filters to prevent unwanted emails from reaching your inbox. Sometimes, these filters also block messages you want to receive. In most cases, adding us to your list of trusted senders will solve this issue. In AOL, select "Add Address"; in Yahoo! Mail, Outlook or Outlook Express select "Add To Address Book"; or Hotmail or MSN, select "Save Address(es)". If you need further assistance, contact your ISP's technical support department and ask how to "whitelist" emails from AA.
AA.com
American Airlines
Account fraud / breach: my account compromised, awards taken, etc.
Oct 12, 2017, 10:46 am
#466
Join Date: May 2006
Location: SAN
Programs: Lots of faux metal
Posts: 6,425
Oct 12, 2017, 10:46 am
#467
Moderator: American AAdvantage
Join Date: May 2000
Location: NorCal - SMF area
Programs: AA LT Plat; HH LT Diamond, Maître-plongeur des Muccis
Posts: 62,948
This probably should go into this thread:
Account fraud / breach: my account compromised, awards taken, etc. (link)
Supermarigm - you're not the first person this has happened to, and unfortunately - not the first person who has had this experience....
.
Account fraud / breach: my account compromised, awards taken, etc. (link)
Supermarigm - you're not the first person this has happened to, and unfortunately - not the first person who has had this experience....
.
It's food you were signed up for the email alerts; obviously, they're working for the new account as well (I always get a password change alert when I change my password).
AA will undoubtedly transfer your existing miles to your new account. They do want a police report to formalize the issue; though police won't do anything, AA has had too many sell or issue awards and then tell AA it was theft they want that small extra bit of assurance, I suspect.
As to the hotel, presumably AA Vacations might cancel, but they might not. Having your information used to secure a travel and stay on AA Vacations as well - a separate company from American Airlines - makes this a bit different than someone breaching your AA account. You decide if you want to be out in the position of keeping track if someone checks in to "your" hotel room or not (to which the local cops might not respond, and the guest may have been given or sold the stay by the actual malefactor) or choose to contact the property to cancel and leave the guest without a room (and car if you contact the rental company?).
Just in case: once your trip is over and your miles have hit your account, destroy boarding passes. Be sure your frequent flyer number and name are secured; I've found discarded boarding passes in lounges, on airport floors, in seat back pockets... a nice gift to scam artists.
I know it's frustrating to have this happen, but persist, work with Corporate Security and things will be made right. @JonNYC #JonNYC
Last edited by JDiver; Oct 12, 2017 at 10:49 am Reason: Seeing which works best - mention or tag
Oct 12, 2017, 10:51 am
#468
Join Date: Jun 2005
Location: ORD (formerly SAN)
Programs: Hilton Diamond; IHG Platinum; Bonvoy Gold; AA Platinum Pro and United Premier Silver (DH = AA EXP)
Posts: 1,929
Oct 12, 2017, 10:54 am
#469
A FlyerTalk Posting Legend
Join Date: Sep 2009
Location: Minneapolis: DL DM charter 2.3MM
Programs: A3*Gold, SPG Plat, HyattDiamond, MarriottPP, LHW exAccess, ICI, Raffles Amb, NW PE MM, TWA Gold MM
Posts: 100,417
Welcome to FlyerTalk.
It's food you were signed up for the email alerts; obviously, they're working for the new account as well (I always get a password change alert when I change my password).
AA will undoubtedly transfer your existing miles to your new account. They do want a police report to formalize the issue; though police won't do anything, AA has had too many sell or issue awards and then tell AA it was theft they want that small extra bit of assurance, I suspect.
As to the hotel, presumably AA Vacations might cancel, but they might not. Having your information used to secure a travel and stay on AA Vacations as well - a separate company from American Airlines - makes this a bit different than someone breaching your AA account. You decide if you want to be out in the position of keeping track if someone checks in to "your" hotel room or not (to which the local cops might not respond, and the guest may have been given or sold the stay by the actual malefactor) or choose to contact the property to cancel and leave the guest without a room (and car if you contact the rental company?).
Just in case: once your trip is over and your miles have hit your account, destroy boarding passes. Be sure your frequent flyer number and name are secured; I've found discarded boarding passes in lounges, on airport floors, in seat back pockets... a nice gift to scam artists.
I know it's frustrating to have this happen, but persist, work with Corporate Security and things will be made right. @JonNYC #JonNYC
It's food you were signed up for the email alerts; obviously, they're working for the new account as well (I always get a password change alert when I change my password).
AA will undoubtedly transfer your existing miles to your new account. They do want a police report to formalize the issue; though police won't do anything, AA has had too many sell or issue awards and then tell AA it was theft they want that small extra bit of assurance, I suspect.
As to the hotel, presumably AA Vacations might cancel, but they might not. Having your information used to secure a travel and stay on AA Vacations as well - a separate company from American Airlines - makes this a bit different than someone breaching your AA account. You decide if you want to be out in the position of keeping track if someone checks in to "your" hotel room or not (to which the local cops might not respond, and the guest may have been given or sold the stay by the actual malefactor) or choose to contact the property to cancel and leave the guest without a room (and car if you contact the rental company?).
Just in case: once your trip is over and your miles have hit your account, destroy boarding passes. Be sure your frequent flyer number and name are secured; I've found discarded boarding passes in lounges, on airport floors, in seat back pockets... a nice gift to scam artists.
I know it's frustrating to have this happen, but persist, work with Corporate Security and things will be made right. @JonNYC #JonNYC
Oct 12, 2017, 11:06 am
#470
FlyerTalk Evangelist
Join Date: Nov 2009
Location: Northeast Kansas | Colorado Native
Programs: Amex Gold/Plat, UA *G, Hyatt Globalist, Marriott LT Gold, NEXUS, TSA Disparager Unobtanium
Posts: 21,606
Oct 12, 2017, 11:10 am
#471
Join Date: Feb 2008
Location: In the air
Programs: Hyatt Globalist, Bonvoy LT Plat, Hilton Gold, GHA Tit, BA Gold, Turkish Elite
Posts: 8,720
https://www.theregister.co.uk/2017/1...sword_sharing/
Oct 12, 2017, 11:16 am
#472
FlyerTalk Evangelist
Join Date: May 2004
Location: DFW/DAL
Programs: AA Lifetime PLT, AS MVPG, HH Diamond, NCL Platinum Plus, MSC Diamond
Posts: 21,422
This is strange. I went to the option to change my password. It wanted 3 questions answered:
Year of birth
Number of siblings
Name of high school
So, it would seem someone has access to the answers to your security questions.
You said you've changed them after the first event, so it very odd that someone would have gotten in again a short time later
Year of birth
Number of siblings
Name of high school
So, it would seem someone has access to the answers to your security questions.
You said you've changed them after the first event, so it very odd that someone would have gotten in again a short time later
Oct 12, 2017, 11:27 am
#473
Join Date: May 2006
Location: SAN
Programs: Lots of faux metal
Posts: 6,425
This is strange. I went to the option to change my password. It wanted 3 questions answered:
Year of birth
Number of siblings
Name of high school
So, it would seem someone has access to the answers to your security questions.
You said you've changed them after the first event, so it very odd that someone would have gotten in again a short time later
Year of birth
Number of siblings
Name of high school
So, it would seem someone has access to the answers to your security questions.
You said you've changed them after the first event, so it very odd that someone would have gotten in again a short time later
Oct 12, 2017, 11:56 am
#474
Join Date: Apr 2003
Location: SLC/HEL/Anywhere with a Beach
Programs: Marriott Ambassador; AA EXP 3MM; AS MVP, Hilton Gold, CH-47/UH-60/C-23/C-130 VET
Posts: 5,234
To the OP: The local police may not have the resources or want to investigate but they don't have a choice regarding taking a report. I presume AA wants this to verify that you are committed to your position as making a false police report would be criminal.
From other posts, I haven't heard of being assigned a new Aadvantage number. Is that normal?
From other posts, I haven't heard of being assigned a new Aadvantage number. Is that normal?
Oct 12, 2017, 12:02 pm
#475
Suspended
Join Date: Aug 2010
Location: DCA
Programs: UA US CO AA DL FL
Posts: 50,262
Not suggesting that OP is anything but the victim here, but all too many people are more than willing to fraudulently report their accounts hacked and points/miles used when they would never think of falsely reporting to law enforcement.
While nothing is certain, many businesses believe that frauds are cut down when customers report to law enforcement even when law enforcement does nothing about the report. You are issued an incident # or something like that and that is all AA cares about.
All of this occurred this morning and not even one day has passed. Unless there is more to this story, I would bet that OP will have his miles back and in his new account.
While nothing is certain, many businesses believe that frauds are cut down when customers report to law enforcement even when law enforcement does nothing about the report. You are issued an incident # or something like that and that is all AA cares about.
All of this occurred this morning and not even one day has passed. Unless there is more to this story, I would bet that OP will have his miles back and in his new account.
Oct 12, 2017, 12:29 pm
#477
Join Date: Jun 2017
Location: MidSouth
Programs: AA; Delta GM
Posts: 728
Quick question - where do you sign up for alerts on AA to be notified if you've made a password/email change? I do not see that option, so clearly I'm looking in the wrong place.
ETA - Nevermind. I updated one thing to see what would happen, and it triggered an email alert.
ETA - Nevermind. I updated one thing to see what would happen, and it triggered an email alert.
Last edited by aquamarinesteph; Oct 12, 2017 at 12:38 pm Reason: Figured it out for myself...
Oct 12, 2017, 1:32 pm
#478
FlyerTalk Evangelist
Join Date: May 2004
Location: DFW/DAL
Programs: AA Lifetime PLT, AS MVPG, HH Diamond, NCL Platinum Plus, MSC Diamond
Posts: 21,422
This story sounds unusual in that someone did this twice in a few hours.
Odd, since they would know the owner knows his account was hacked when they were unable to access the account after he changed the info after the first hack.
Oct 12, 2017, 2:05 pm
#479
Join Date: May 2009
Posts: 1,570
My guess is that the password was not hacked twice but instead the original hacker changed the password twice and that the emails are misleading due to the time of their receipt. I'm getting delays of several hours lately on some pretty straightforward AA emails.
Oct 12, 2017, 7:24 pm
#480
Join Date: Dec 2005
Location: South Florida
Programs: AA EXP, HH Diamond, Marriott Platinium
Posts: 1,334
Or the hacker knowns OP's information? or once it was hacked the first time, he took a look the activity and with that information he was able to reset the password (again) by just calling AA Advantage CS?.