Aug 22, 2015, 2:16 pm
Last edit by: Prospero
This thread is dedicated to issues around American Airlines AAdvantage accounts being invaded, taken over or compromised resulting in theft of awards, miles, upgrades and other instruments - and related issues.
For issues about account freezes or closures, airline accusations of fraud against the AAdvantage programm and the like please see: Account audit / fraud: award / miles / SWU / VIP sale, barter, etc (consolidated).
If you find your account has been breached or have unexplained activity such as awards you did not arrange, contact AA immediately to protect and gain control over your account and to be made whole.
To help protect your account, be sure
If your email information is correct in aa.com, changes to your account should be sent to you as follows (even if someone changes your email address, though it's of no help if someone pirates your email account):
For issues about account freezes or closures, airline accusations of fraud against the AAdvantage programm and the like please see: Account audit / fraud: award / miles / SWU / VIP sale, barter, etc (consolidated).
If you find your account has been breached or have unexplained activity such as awards you did not arrange, contact AA immediately to protect and gain control over your account and to be made whole.
To help protect your account, be sure
- Have a strong, protected and secure password
- check your account periodically
- be aware and keep track of your transactions
- control or destroy documents such as boarding passes
- use antivirus software- if your personal computer is hacked they can gain control of your AA account
- Be very wary of logging into your account on public computers, like at internet cafés or the hotel business center, where keystroke loggers could be installed
If your email information is correct in aa.com, changes to your account should be sent to you as follows (even if someone changes your email address, though it's of no help if someone pirates your email account):
Dear JDiver,
Thanks for visiting AA.com. This email confirms that your account has been updated as follows.
Your contact information has been updated, but is not included in this e-mail for the security of your account.
If you did not change your contact information or if you have any concerns about your account, please contact aa.com Web Services.
If you have unsubscribed to one of our email products, we will remove your address from our mailing list as soon as possible. Please be aware that you may continue to receive emails for up to 10 business days.
If you have subscribed to AA email products and are not receiving them, your Internet Service Provider (ISP) may use filters to prevent unwanted emails from reaching your inbox. Sometimes, these filters also block messages you want to receive. In most cases, adding us to your list of trusted senders will solve this issue. In AOL, select "Add Address"; in Yahoo! Mail, Outlook or Outlook Express select "Add To Address Book"; or Hotmail or MSN, select "Save Address(es)". If you need further assistance, contact your ISP's technical support department and ask how to "whitelist" emails from AA.
AA.com
American Airlines
Thanks for visiting AA.com. This email confirms that your account has been updated as follows.
Your contact information has been updated, but is not included in this e-mail for the security of your account.
If you did not change your contact information or if you have any concerns about your account, please contact aa.com Web Services.
If you have unsubscribed to one of our email products, we will remove your address from our mailing list as soon as possible. Please be aware that you may continue to receive emails for up to 10 business days.
If you have subscribed to AA email products and are not receiving them, your Internet Service Provider (ISP) may use filters to prevent unwanted emails from reaching your inbox. Sometimes, these filters also block messages you want to receive. In most cases, adding us to your list of trusted senders will solve this issue. In AOL, select "Add Address"; in Yahoo! Mail, Outlook or Outlook Express select "Add To Address Book"; or Hotmail or MSN, select "Save Address(es)". If you need further assistance, contact your ISP's technical support department and ask how to "whitelist" emails from AA.
AA.com
American Airlines
Account fraud / breach: my account compromised, awards taken, etc.
Jan 5, 2019, 10:08 am
#526
Join Date: Nov 2007
Programs: several:)
Posts: 34
Sounds like someone obtained access to your AA account, obviously work with AA to get your miles back but that really should be secondary. Immediately do the following:
- Change your aa.com password, I'd also do this from a different device than your home computer.
- Verify that your contact/email address on aa.com hasn't also been changed as that is often done to prevent notification of bookings.
- If you use the same password elsewhere change those passwords as well and check for any unauthorized activity on those sites. Also if you have re-used this password on other sites stop doing that - get a password manager and ensure that every site has a unique and strong (12+ characters, with special characters) password and protect your password manager with a passphrase not a password and MFA like a ubikey.
Jan 5, 2019, 10:54 am
#527
Moderator: American AAdvantage
Join Date: May 2000
Location: NorCal - SMF area
Programs: AA LT Plat; HH LT Diamond, Maître-plongeur des Muccis
Posts: 62,948
Thanks again for all the advise. Given that there's a passenger name, that they used their own credit card, that there may be a passport number, and that that AA might not give me my miles back, do you think it might be helpful to work with police/FBI/Secret Service (given this is a cyber crime) or with an attorney? It was 110K AA mile, so worth around $1500-1600.
FBI or Secret Service are unlikely to become involved, I suspect, given though it’s not likely an organized, widespread effort, given the particulars. Local police will take your report, but not likely do anything unless the thief lives in the same jurisdiction. AA has the information, presumably, and because it’s their airline, tickets and miles (you don’t own them, they do) they’ll do what they do. An attorney? For what purpose? Will that be cost effective? (I doubt it.)
You’ll probably get your miles back in time, from reading others’ experiences here. AA may ask for a copy of your police report.
Jan 5, 2019, 11:39 am
#528
Join Date: Apr 2003
Location: SLC/HEL/Anywhere with a Beach
Programs: Marriott Ambassador; AA EXP 3MM; AS MVP, Hilton Gold, CH-47/UH-60/C-23/C-130 VET
Posts: 5,234
Thanks again for all the advise. Given that there's a passenger name, that they used their own credit card, that there may be a passport number, and that that AA might not give me my miles back, do you think it might be helpful to work with police/FBI/Secret Service (given this is a cyber crime) or with an attorney? It was 110K AA mile, so worth around $1500-1600.
I suspect AA will give you your miles back.
The FBI and Secret Service don't have time for this unfortunately. Normally, your local police might find this too small/too difficult but if you are giving it to them on a platter and get the right person on the right day, you might get their interest.
I don't see the value of an attorney. But you could sue in small claims court. Personally, I would do so under these circumstances if I had enough information to serve the person since you have the information. Not sure you'll get anything out of it but worth trying to create some stress for the thief.
But .,.. the openness of this seems a little strange. Any idea how they got your info to be able to do this?
Keep in mind that I've had way more cybercrime/espionage problems than average but -- in one case, there were several airline tickets purchased with my Amex numbers for different people flying from China to Africa. I suspect there is some chance the people on the tickets paid cash to someone where that's a normal transaction and that person bought the tickets using my Amex after getting the cash. They may not have actually known anything was wrong.
Jan 5, 2019, 1:49 pm
#529
A FlyerTalk Posting Legend
Join Date: Sep 2009
Location: Minneapolis: DL DM charter 2.3MM
Programs: A3*Gold, SPG Plat, HyattDiamond, MarriottPP, LHW exAccess, ICI, Raffles Amb, NW PE MM, TWA Gold MM
Posts: 100,404
Is there any chance that the person who owns the AA FF account called AA (shortly before the time that the ticket was issued) and the AA phone agent left the account open, forgetting to transfer to the next person's FF account for the next call so that the ticket the next caller purchased used miles from the wrong account? These sorts of call center errors have been known to happen and would be an innocent explanation. Normally if someone wants to steal from your account, they start by changing the email address if possible so that you don't get a notice of the ticket or other spending of your miles. I also don't think of JFK-LHR as a route that's particularly prone to fraud and scams, but YMMV.
Jan 5, 2019, 3:36 pm
#531
Join Date: Dec 2014
Location: New York City + Vail, CO
Programs: American Airlines Executive Platinum, Marriott Bonvoy Ambassador Elite
Posts: 3,226
I usually get logged out of AA.com on my own computer while I'm in the middle of booking flights and flipping back and forth between other websites I'm looking at.
Jan 5, 2019, 5:30 pm
#532
Join Date: Aug 2004
Programs: AA (EP), Hilton (Diamond), Marriott Bonvoy (Titanium)
Posts: 8,937
I do, too, although unfortunately it could take a while, and AA may treat you like a criminal for a while until they are satisfied that you are an innocent victim rather than someone trying to pull a two-fer where you sell your miles and then try to get them back from AA.
At a minimum they should take a report, which AA is likely to want.
By openness you mean the fact that the ticket was issued in someone's name, charged to their credit card, with their passport details? In all likelihood, the passenger did not steal the miles, but instead either paid a mileage broker thinking it was a consolidator, or called AA to use his or her own miles.
My understanding is that tickets to/from China are common with fraud, mileage brokers, and award selling.
Yes, but I don't think anyone suggested that the OP walked away from a public computer while logged in, and someone swooped in and issued the ticket. Far more likely the OP reused an email address and password at AA and other sites, one or more of which was hacked. Or, an innocent mix-up with the AA phone system as mentioned.
Keep in mind that I've had way more cybercrime/espionage problems than average but -- in one case, there were several airline tickets purchased with my Amex numbers for different people flying from China to Africa. I suspect there is some chance the people on the tickets paid cash to someone where that's a normal transaction and that person bought the tickets using my Amex after getting the cash. They may not have actually known anything was wrong.
Is there any chance that the person who owns the AA FF account called AA (shortly before the time that the ticket was issued) and the AA phone agent left the account open, forgetting to transfer to the next person's FF account for the next call so that the ticket the next caller purchased used miles from the wrong account? These sorts of call center errors have been known to happen and would be an innocent explanation.
Yes, these sorts of errors do sometimes happen. I think usually the phone system populates the agent's screen with the account info of the caller, and on occasion there have been glitches where the phone system didn't do so, and the agent didn't notice that the account info was the same as the previous call.
Good point.Yes, but I don't think anyone suggested that the OP walked away from a public computer while logged in, and someone swooped in and issued the ticket. Far more likely the OP reused an email address and password at AA and other sites, one or more of which was hacked. Or, an innocent mix-up with the AA phone system as mentioned.
Apr 2, 2019, 4:36 pm
#534
Join Date: Jun 2011
Programs: United Premier Platinum
Posts: 638
EDIT: Oh, nvm, took me awhile to realize that this wasn’t the same thread as the one with the recent police report fiasco.
Last edited by mcrw00; Apr 2, 2019 at 4:44 pm
Apr 22, 2019, 9:21 am
#535
Join Date: Apr 2003
Location: SLC/HEL/Anywhere with a Beach
Programs: Marriott Ambassador; AA EXP 3MM; AS MVP, Hilton Gold, CH-47/UH-60/C-23/C-130 VET
Posts: 5,234
I think these "I'm accused of defrauding AA" and "Someone defrauded me//AA" are different topics 
I like two factor authentication, even though its not perfect.
I like two different threads to address the different topics too
I like two factor authentication, even though its not perfect.
I like two different threads to address the different topics too
Apr 22, 2019, 10:12 am
#536
Suspended
Join Date: Sep 2006
Programs: AAdvantage PP
Posts: 13,913
I find the use of a soft token (2 factor authentication) a pain since I'm often logging onto aa.com from my phone. AA always sends out an email within 24 hours of an award ticket being booked. To me that should catch the bulk of fraudulent activity, unless someone just ignores that email. I guess the question is how frequent is fraud occurring with AAdvantage accounts? Is this a real issue or just a FT conceived problem?
Apr 22, 2019, 11:54 am
#537
Suspended
Join Date: Mar 2001
Location: FIND ME ON TWITTER FOR THE LATEST
Posts: 27,730
Jun 2, 2019, 8:28 am
#538
Join Date: Jun 2011
Location: I 35 south bound, finally stopped
Programs: LT Plt, 4mm, *A GLD, burned out medical provider, executing our estate plan
Posts: 1,665
Data point. Got an email from AA about a 15000 mile award this am in my wife's account. The trip locator was with the award. The flight had been booked by an agency. The traveler works for a very large automobile company as a national fleet person and clearly travels a lot in that job. I had time to google said passenger because the wait time for the EXP line was 90 minutes. It appears that person has a multi-leg transcon and the miles were used to upgrade on a couple of legs, starting tomorrow. When i finally talked to an outstanding EXP agent we both tried to figure out where the glitch came from. My wifes and the passenger have a completely different FF number and name. She never logs in to her AA account, and I have not in months. Her password is unique for her account and is not shared with any other account. So, either the agency did the upgrade (we rarely use agents so unlikely they have her FF account number), the flyer did (not likely, flyer is pretty easy to track on Google) or it was an AA IT glitch. Any way the EXP desk fixed it immediately, and i fired off an email to customer service to let them know it happened. I don't think it was a hack like others have posted here. Mods please move if this is the wrong forum.
Jun 2, 2019, 5:18 pm
#539
Join Date: Aug 2004
Programs: AA (EP), Hilton (Diamond), Marriott Bonvoy (Titanium)
Posts: 8,937
Data point. Got an email from AA about a 15000 mile award this am in my wife's account. The trip locator was with the award. The flight had been booked by an agency. The traveler works for a very large automobile company as a national fleet person and clearly travels a lot in that job. I had time to google said passenger because the wait time for the EXP line was 90 minutes. It appears that person has a multi-leg transcon and the miles were used to upgrade on a couple of legs, starting tomorrow. When i finally talked to an outstanding EXP agent we both tried to figure out where the glitch came from. My wifes and the passenger have a completely different FF number and name. She never logs in to her AA account, and I have not in months. Her password is unique for her account and is not shared with any other account. So, either the agency did the upgrade (we rarely use agents so unlikely they have her FF account number), the flyer did (not likely, flyer is pretty easy to track on Google) or it was an AA IT glitch. Any way the EXP desk fixed it immediately, and i fired off an email to customer service to let them know it happened. I don't think it was a hack like others have posted here. Mods please move if this is the wrong forum.
Jun 2, 2019, 5:29 pm
#540
Join Date: Jul 2009
Location: SJC
Programs: AA, AS, Marriott
Posts: 6,060
Like my case, I suspect user error, not maliciousness, given the information that you could find out about the person traveling.
