Aug 22, 2015, 2:16 pm
Last edit by: Prospero
This thread is dedicated to issues around American Airlines AAdvantage accounts being invaded, taken over or compromised resulting in theft of awards, miles, upgrades and other instruments - and related issues.
For issues about account freezes or closures, airline accusations of fraud against the AAdvantage programm and the like please see: Account audit / fraud: award / miles / SWU / VIP sale, barter, etc (consolidated).
If you find your account has been breached or have unexplained activity such as awards you did not arrange, contact AA immediately to protect and gain control over your account and to be made whole.
To help protect your account, be sure
If your email information is correct in aa.com, changes to your account should be sent to you as follows (even if someone changes your email address, though it's of no help if someone pirates your email account):
For issues about account freezes or closures, airline accusations of fraud against the AAdvantage programm and the like please see: Account audit / fraud: award / miles / SWU / VIP sale, barter, etc (consolidated).
If you find your account has been breached or have unexplained activity such as awards you did not arrange, contact AA immediately to protect and gain control over your account and to be made whole.
To help protect your account, be sure
- Have a strong, protected and secure password
- check your account periodically
- be aware and keep track of your transactions
- control or destroy documents such as boarding passes
- use antivirus software- if your personal computer is hacked they can gain control of your AA account
- Be very wary of logging into your account on public computers, like at internet cafés or the hotel business center, where keystroke loggers could be installed
If your email information is correct in aa.com, changes to your account should be sent to you as follows (even if someone changes your email address, though it's of no help if someone pirates your email account):
Dear JDiver,
Thanks for visiting AA.com. This email confirms that your account has been updated as follows.
Your contact information has been updated, but is not included in this e-mail for the security of your account.
If you did not change your contact information or if you have any concerns about your account, please contact aa.com Web Services.
If you have unsubscribed to one of our email products, we will remove your address from our mailing list as soon as possible. Please be aware that you may continue to receive emails for up to 10 business days.
If you have subscribed to AA email products and are not receiving them, your Internet Service Provider (ISP) may use filters to prevent unwanted emails from reaching your inbox. Sometimes, these filters also block messages you want to receive. In most cases, adding us to your list of trusted senders will solve this issue. In AOL, select "Add Address"; in Yahoo! Mail, Outlook or Outlook Express select "Add To Address Book"; or Hotmail or MSN, select "Save Address(es)". If you need further assistance, contact your ISP's technical support department and ask how to "whitelist" emails from AA.
AA.com
American Airlines
Thanks for visiting AA.com. This email confirms that your account has been updated as follows.
Your contact information has been updated, but is not included in this e-mail for the security of your account.
If you did not change your contact information or if you have any concerns about your account, please contact aa.com Web Services.
If you have unsubscribed to one of our email products, we will remove your address from our mailing list as soon as possible. Please be aware that you may continue to receive emails for up to 10 business days.
If you have subscribed to AA email products and are not receiving them, your Internet Service Provider (ISP) may use filters to prevent unwanted emails from reaching your inbox. Sometimes, these filters also block messages you want to receive. In most cases, adding us to your list of trusted senders will solve this issue. In AOL, select "Add Address"; in Yahoo! Mail, Outlook or Outlook Express select "Add To Address Book"; or Hotmail or MSN, select "Save Address(es)". If you need further assistance, contact your ISP's technical support department and ask how to "whitelist" emails from AA.
AA.com
American Airlines
Account fraud / breach: my account compromised, awards taken, etc.
Dec 22, 2022, 10:58 am
#572
Join Date: Feb 2010
Location: YVR
Posts: 1,465
I tried canceling it, it wasn't showing under trips. It was only showing in mileage activity. I caught it right away, like 5 minutes after it was booked.
Dec 22, 2022, 11:18 am
#573
Join Date: Aug 2003
Posts: 324
Was there a special fraud number you were able to call, that got you connected immediately?
My concern would be having to call the general number, and being put in a 4 hour queue, by which time the Advantage account could be completely drained.
My concern would be having to call the general number, and being put in a 4 hour queue, by which time the Advantage account could be completely drained.
Dec 22, 2022, 12:29 pm
#574
Join Date: Feb 2010
Location: YVR
Posts: 1,465
Called regular number, said advantage account to voice recognition, was connected in a minute, then got transferred to the fraud department.
Dec 24, 2022, 11:27 am
#575
Join Date: Feb 2010
Location: YVR
Posts: 1,465
After AA hack, the same exact hack happened in my BA account. Also email bomb, followed by redemption of Avios at a Marriott hotel in Paris.
Looks like all my loyalty program accounts are somehow compromised. My logins and passwords are saved only in two places: my Google account and awardwallet. Both have two factor authentication turned on. I think the leak is one of these two.
Looks like all my loyalty program accounts are somehow compromised. My logins and passwords are saved only in two places: my Google account and awardwallet. Both have two factor authentication turned on. I think the leak is one of these two.
Dec 24, 2022, 1:12 pm
#576
Join Date: Jan 2011
Location: Washington, D.C.
Programs: AA, but I play the field
Posts: 1,440
After AA hack, the same exact hack happened in my BA account. Also email bomb, followed by redemption of Avios at a Marriott hotel in Paris.
Looks like all my loyalty program accounts are somehow compromised. My logins and passwords are saved only in two places: my Google account and awardwallet. Both have two factor authentication turned on. I think the leak is one of these two.
Looks like all my loyalty program accounts are somehow compromised. My logins and passwords are saved only in two places: my Google account and awardwallet. Both have two factor authentication turned on. I think the leak is one of these two.
Sorry to hear about this, and am glad AA responded quickly to your concerns. Of the two potential sources you mention, I thought that Award Wallet no longer stores login information for AA . . . https://travelingformiles.com/americ...wallet-access/
Dec 24, 2022, 2:41 pm
#577
Join Date: Jul 2021
Location: Dallas, TX
Programs: AA, WN
Posts: 153
After AA hack, the same exact hack happened in my BA account. Also email bomb, followed by redemption of Avios at a Marriott hotel in Paris.
Looks like all my loyalty program accounts are somehow compromised. My logins and passwords are saved only in two places: my Google account and awardwallet. Both have two factor authentication turned on. I think the leak is one of these two.
Looks like all my loyalty program accounts are somehow compromised. My logins and passwords are saved only in two places: my Google account and awardwallet. Both have two factor authentication turned on. I think the leak is one of these two.
Dec 24, 2022, 2:57 pm
#578
Join Date: Feb 2010
Location: YVR
Posts: 1,465
My Google account has not been hacked. It's double factor also, and I checked all logged in devices etc, there was nothing suspicious. I have no idea where the hackers got my account login info for AA and BA. Both were used in the last couple of days, and both used the email bomb to flood my inbox so that I don't notice the emails from AA and BA.
Mar 30, 2023, 6:02 am
#579
Join Date: Jun 2012
Location: CLT
Programs: AA Plat Pro, SPG Gold, Hilton Diamond
Posts: 193
Got an email last night that a new email had been attached to my account
I immediately got on and changed the email back and changed my password
Contacted customer service and, after discussion, decided that the best option was to get an entirely new Aadvantage #.
During this call, no activity of concern was on my account
At the end of the call I was reassured that the old account was inactivated
I was reassured that everything would port over to the new account essentially immediately, except for the Admirals Club access (2 weeks apparently)
The upcoming reservation for the end of April did port over.
I woke up this morning to an email of a rewards redemption on my old number for 60,000 miles
Customer service not available until 8AM on the East Coast.
The regular agent was able to see that reservation had been cancelled bit the miles had not been returned to my account - she rectified that
I was given a direct number to call them at (888-882-8880) and told not to accept the call back option...apparently that puts you back in the regular queue.
Happy to update as more happens if people would like
I immediately got on and changed the email back and changed my password
Contacted customer service and, after discussion, decided that the best option was to get an entirely new Aadvantage #.
During this call, no activity of concern was on my account
At the end of the call I was reassured that the old account was inactivated
I was reassured that everything would port over to the new account essentially immediately, except for the Admirals Club access (2 weeks apparently)
The upcoming reservation for the end of April did port over.
I woke up this morning to an email of a rewards redemption on my old number for 60,000 miles
Customer service not available until 8AM on the East Coast.
The regular agent was able to see that reservation had been cancelled bit the miles had not been returned to my account - she rectified that
I was given a direct number to call them at (888-882-8880) and told not to accept the call back option...apparently that puts you back in the regular queue.
Happy to update as more happens if people would like
Mar 30, 2023, 6:31 am
#580
Join Date: Jan 2011
Location: Philadelphia, PA
Programs: AAdvantage Exec Platinum, Hertz #1 Club Gold Five Star, IHG Platinum, Marriott Gold, HHonors Silver
Posts: 2,039
Got an email last night that a new email had been attached to my account
I immediately got on and changed the email back and changed my password
Contacted customer service and, after discussion, decided that the best option was to get an entirely new Aadvantage #.
During this call, no activity of concern was on my account
At the end of the call I was reassured that the old account was inactivated
I was reassured that everything would port over to the new account essentially immediately, except for the Admirals Club access (2 weeks apparently)
The upcoming reservation for the end of April did port over.
I woke up this morning to an email of a rewards redemption on my old number for 60,000 miles
Customer service not available until 8AM on the East Coast.
The regular agent was able to see that reservation had been cancelled bit the miles had not been returned to my account - she rectified that
I was given a direct number to call them at (888-882-8880) and told not to accept the call back option...apparently that puts you back in the regular queue.
Happy to update as more happens if people would like
I immediately got on and changed the email back and changed my password
Contacted customer service and, after discussion, decided that the best option was to get an entirely new Aadvantage #.
During this call, no activity of concern was on my account
At the end of the call I was reassured that the old account was inactivated
I was reassured that everything would port over to the new account essentially immediately, except for the Admirals Club access (2 weeks apparently)
The upcoming reservation for the end of April did port over.
I woke up this morning to an email of a rewards redemption on my old number for 60,000 miles
Customer service not available until 8AM on the East Coast.
The regular agent was able to see that reservation had been cancelled bit the miles had not been returned to my account - she rectified that
I was given a direct number to call them at (888-882-8880) and told not to accept the call back option...apparently that puts you back in the regular queue.
Happy to update as more happens if people would like
Apr 1, 2023, 7:33 am
#581
Join Date: Dec 2014
Posts: 8
AA hacked?
Yesterday about 4 pm I suddenly got 493 spam emails. The only one not spam was a redemption for miles from my acct in another name. Turns out there were 3 reservations made. Got them canceled (they were flying out at 11am today). AA said there are quite a few false reservations using the same names you might want to check your accounts.
Apr 3, 2023, 11:02 am
#582
Join Date: Jun 2012
Location: CLT
Programs: AA Plat Pro, SPG Gold, Hilton Diamond
Posts: 193
Got an email last night that a new email had been attached to my account
I immediately got on and changed the email back and changed my password
Contacted customer service and, after discussion, decided that the best option was to get an entirely new Aadvantage #.
During this call, no activity of concern was on my account
At the end of the call I was reassured that the old account was inactivated
I was reassured that everything would port over to the new account essentially immediately, except for the Admirals Club access (2 weeks apparently)
The upcoming reservation for the end of April did port over.
I woke up this morning to an email of a rewards redemption on my old number for 60,000 miles
Customer service not available until 8AM on the East Coast.
The regular agent was able to see that reservation had been cancelled bit the miles had not been returned to my account - she rectified that
I was given a direct number to call them at (888-882-8880) and told not to accept the call back option...apparently that puts you back in the regular queue.
Happy to update as more happens if people would like
I immediately got on and changed the email back and changed my password
Contacted customer service and, after discussion, decided that the best option was to get an entirely new Aadvantage #.
During this call, no activity of concern was on my account
At the end of the call I was reassured that the old account was inactivated
I was reassured that everything would port over to the new account essentially immediately, except for the Admirals Club access (2 weeks apparently)
The upcoming reservation for the end of April did port over.
I woke up this morning to an email of a rewards redemption on my old number for 60,000 miles
Customer service not available until 8AM on the East Coast.
The regular agent was able to see that reservation had been cancelled bit the miles had not been returned to my account - she rectified that
I was given a direct number to call them at (888-882-8880) and told not to accept the call back option...apparently that puts you back in the regular queue.
Happy to update as more happens if people would like
New account made an miles, including the ones reinstated to my account from the fraudulent booking, have been transferred over to the new account
My status, however has not made it over now 5 days later
They were very interested in my establishing an actual username to log in with as opposed to the Aadvantage #
I was told that the Admirals Club access transfer could take as long as 2 weeks to make
Last edited by davidgrahammd; Apr 3, 2023 at 11:17 am
May 31, 2023, 12:30 pm
#583
FlyerTalk Evangelist
Join Date: Jun 2003
Location: DEN
Programs: UA MM Plat; AA MM Gold; HHonors Diamond
Posts: 15,866
Got hacked at the end of April...360,000+ miles redeemed. Found out today when I couldn't log in.
No notification of any kind from AA/AAdvantage regarding changed email or redemptions.
Some of these hackers are really good.
No notification of any kind from AA/AAdvantage regarding changed email or redemptions.
Some of these hackers are really good.
May 31, 2023, 3:18 pm
#584
Join Date: Nov 2017
Location: CLT
Programs: AA EXP, 2 Million Miler
Posts: 821
May 31, 2023, 3:59 pm
#585
FlyerTalk Evangelist
Join Date: Jun 2003
Location: DEN
Programs: UA MM Plat; AA MM Gold; HHonors Diamond
Posts: 15,866
Got instructions on the steps I need to take to get the miles back. Already files the required police report. AA calculated that the stolen miles were worth almost $11k.
Quite an interesting list of folks in whose names the miles were redeemed. Googling them turns up real people...I'm sure the hacker put out ads selling cheap AA tickets and these folks responded.
They wanted me to use a different email for the new account they created, so I gave them my work email. I then created another Gmail account/email and updated the new AA account with that email, and immediately got emails at both the old and new accounts indicating that my email address had been updated. I'd love to know how the hackers circumvent that security protocol. Looking upthread it's also happened to others...no emails, no nothing.
Quite an interesting list of folks in whose names the miles were redeemed. Googling them turns up real people...I'm sure the hacker put out ads selling cheap AA tickets and these folks responded.
They wanted me to use a different email for the new account they created, so I gave them my work email. I then created another Gmail account/email and updated the new AA account with that email, and immediately got emails at both the old and new accounts indicating that my email address had been updated. I'd love to know how the hackers circumvent that security protocol. Looking upthread it's also happened to others...no emails, no nothing.
Last edited by Bonehead; May 31, 2023 at 4:04 pm