PSA: Check your BA accounts for fraud
I just posted this on reddit, but figured would echo it here as well.
Just logged on to check mine the other day and noticed a 30,000 point Avios redemption from May 12th. I had not made any bookings nor did I receive an email about one being made. Immediately changed my password and started dialogue with BA. Turns out the points were used to book an inter-Russian flight for 2 passengers. They read me the names and said that the itinerary confirmation email was sent to another email address. Case has been moved to the audit department as fraudulent activity to hopefully get my points back. Could be isolated, but figured I would put that out there in case you don't check all your accounts daily, especially the ones that you don't use often.

Thanks for the warning. Seems to be a regular occurrence though.
Am surprised the system does not send you any warning at any point: assume the hacker manages to login as you. They then change the email address to theirs. Then make the booking, and get the confirmation on their new email. I would expect that a change in personal data (in this case, email) would result in a confirmation email to your old email address from the system - prompting you to login and check what has happened. Obviously the system does not do that - despite emailing you for loads of other reasons from booking confirmation, 'prepare to fly in 16 days', you have changed your seat request etc. Odd...
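The control the post above asks for, sketched as an added example (not from the thread, and not BA's system): alert the address that was on file before a contact-detail change, and hold any redemption made shortly after one. Event names, the 72-hour window and all sample data are assumptions constructed for illustration.

```python
from datetime import datetime, timedelta

CONTACT_CHANGES = {"email_change", "phone_change"}
WINDOW = timedelta(hours=72)  # assumed cooling-off period, not a BA value

# Constructed audit events for two hypothetical accounts (not real data).
EVENTS = [
    {"ts": "2024-01-10T09:01:00", "account": "A1", "type": "login"},
    {"ts": "2024-01-10T09:03:00", "account": "A1", "type": "email_change",
     "new": "other@example.net"},
    {"ts": "2024-01-10T09:10:00", "account": "A1", "type": "redemption",
     "points": 30000},
    {"ts": "2024-01-10T10:05:00", "account": "B2", "type": "redemption",
     "points": 9000},
]
EMAILS = {"A1": "owner@example.com", "B2": "b2@example.com"}


def review(events, emails, window=WINDOW):
    """Return (notifications, holds) for a stream of account events."""
    on_file = dict(emails)   # address currently stored per account
    trusted = dict(emails)   # address that pre-dates any recent change
    changed_at = {}          # account -> time of last contact-detail change
    notifications, holds = [], []
    for ev in sorted(events, key=lambda e: e["ts"]):
        ts = datetime.fromisoformat(ev["ts"])
        acct, kind = ev["account"], ev["type"]
        recent = acct in changed_at and ts - changed_at[acct] <= window
        if kind in CONTACT_CHANGES:
            if not recent:
                trusted[acct] = on_file[acct]  # remember the pre-change address
            changed_at[acct] = ts
            # Alert the address that was on file before the change.
            notifications.append((trusted[acct], f"{kind} on {acct}"))
            if kind == "email_change":
                on_file[acct] = ev["new"]
        elif kind == "redemption":
            if recent:
                # Spend soon after a contact change: hold it, tell the owner.
                holds.append((acct, ev["points"]))
                notifications.append(
                    (trusted[acct], f"redemption of {ev['points']} held on {acct}"))
            else:
                notifications.append(
                    (on_file[acct], f"redemption of {ev['points']} on {acct}"))
    return notifications, holds
```

On the constructed data, the 30,000-point redemption on A1 is held and both alerts go to the pre-change address, while B2's ordinary redemption passes through.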
Worth using Award Wallet for this purpose - you get a weekly digest with all your loyalty programme movements from that week, so at least you should notice fairly soon after the attack - hopefully soon enough to contact BA and get the Avios refunded.

I would add that recently I checked my personal details and found my telephone number was now Russian... all log in info was changed immediately.
Appears to be a trend for this, from what's being reported here.
Originally Posted by Jpr0930
(Post 26647027)
I just posted this on reddit, but figured would echo it here as well.
Just logged on to check mine the other day and noticed a 30,000 point Avios redemption from May 12th. I had not made any bookings nor did I receive an email about one being made. Immediately changed my password and started dialogue with BA. Turns out the points were used to book an inter-Russian flight for 2 passengers. They read me the names and said that the itinerary confirmation email was sent to another email address. Case has been moved to the audit department as fraudulent activity to hopefully get my points back. Could be isolated, but figured I would put that out there in case you don't check all your accounts daily, especially the ones that you don't use often.
There was a post on here not long ago with the same scenario and from memory it was inter-Russian flights / Russia located. Seems more than one Avios account is being targeted. Although could be a coincidence.
Originally Posted by Takiteasy
(Post 26647093)
Thanks for the warning. Seems to be a regular occurrence though.
Am surprised the system does not send you any warning at any point: assume the hacker manages to login as you. They then change the email address to theirs. Then make the booking, and get the confirmation on their new email. I would expect that a change in personal data (in this case, email) would result in a confirmation email to your old email address from the system - prompting you to login and check what has happened. Obviously the system does not do that - despite emailing you for loads of other reasons from booking confirmation, 'prepare to fly in 16 days', you have changed your seat request etc. Odd...
To me this sounds more like a phone agent error (intentional or not), not a normal hack. OP, did you enquire whose credit card was used?
Originally Posted by cgtechuk
(Post 26647217)
There was a post on here not long ago with the same scenario and from memory it was inter-Russian flights / Russia located. Seems more than one Avios account is being targeted. Although could be a coincidence.
http://www.flyertalk.com/forum/briti...y-account.html
http://www.flyertalk.com/forum/briti...os-hacked.html
http://www.flyertalk.com/forum/briti...os-points.html
Everyone should ensure their BA.com password is unique to BA, not shared with other accounts, Apps, store cards etc, and ideally changed monthly.
Originally Posted by Engineering Travel
(Post 26647142)
I would add that recently I checked my personal details and found my telephone number was now Russian ...
Originally Posted by Engineering Travel
(Post 26647142)
I would add that recently I checked my personal details and found my telephone number was now Russian... all log in info was changed immediately.
Appears to be a trend for this, from what's being reported here.
I ask because there was a glitch where BA deleted the +44 dialling code so that your mobile number started with a '7', which it then registered as being a Russian number (Russian dialling code). So: +44 7712 345678 became +7 712345678, if that makes sense. People complained on here that it kept happening repeatedly.
Originally Posted by Deltus
(Post 26647116)
Worth using Award Wallet for this purpose - you get a weekly digest with all your loyalty programme movements from that week, so at least you should notice fairly soon after the attack - hopefully soon enough to contact BA and get the Avios refunded.
Originally Posted by Tiger_lily
(Post 26649096)
It was Award Wallet that triggered the mass temporary suspension of accounts last year wasn't it?
I changed all my passwords yesterday as a result of quite a few breaches of security at my end as well, including my BA account which became temporarily locked due to repeated attempts to login. It would be great if BA would introduce 2FA (ideally, with a mobile text or phone call).
Originally Posted by Tiger_lily
(Post 26649096)
It was Award Wallet that triggered the mass temporary suspension of accounts last year wasn't it?
I would not recommend changing your password regularly if you have not been hacked.