I've been hacked!
Feb 15, 2019, 9:54 am
#31
Join Date: Nov 2013
Location: PHX, SEA
Programs: Avis President's Club, Global Entry, Hilton/Marriott Gold. No more DL/AA status.
Posts: 4,421
I don't have much to add, but definitely change your email password, then the BAEC password. To be absolutely certainl I would run something like Malewarebytes (free) on your system to be absolutely sure you haven't got any nasties on your machine.
Hopefully the hacker hasn't got your credit card info too....perhaps a call/check with Amex and any other cards may be prudent.
Hopefully the hacker hasn't got your credit card info too....perhaps a call/check with Amex and any other cards may be prudent.
Feb 15, 2019, 9:58 am
#32
Moderator: British Airways Executive Club
Join Date: Nov 2010
Location: TPA/ABZ
Programs: BA Lifetime Gold. GGL/CCR.
Posts: 13,242
Feb 15, 2019, 10:08 am
#33
Join Date: Feb 2018
Programs: EC Silver FC Silver
Posts: 34
Can't see how the password was obtained by force (given account locking mechanism), and sure if the modernizr breach had been collecting Executive Numbers / Password BA would have notified customers (even they can't be THAT incompetent).
Do you use any online aggregation tools like Award Wallet out of interest?
Feb 15, 2019, 10:35 am
#34
FlyerTalk Evangelist
Original Poster
Join Date: Nov 2002
Location: Freeload Univ. Where are you sitting?
Posts: 14,818
No worries, mate.
No. I keep all my info on an external hard drive, which is normally off.
Interestingly enough, the fees, YQ, etc. were paid with a credit card (Master Card) that I don't recognize. If someone wanted to take the trouble, I suppose they could try to trace that back, though it's likely a stolen number, too.
For passwords, I tend to use a combination of letters/numbers/caps/special characters that I find easy to remember, but unless you're a ham radio operator from the vacuum tube era, the string would make no sense to you.
Interestingly enough, the fees, YQ, etc. were paid with a credit card (Master Card) that I don't recognize. If someone wanted to take the trouble, I suppose they could try to trace that back, though it's likely a stolen number, too.
For passwords, I tend to use a combination of letters/numbers/caps/special characters that I find easy to remember, but unless you're a ham radio operator from the vacuum tube era, the string would make no sense to you.
Feb 15, 2019, 10:49 am
#35
Join Date: Oct 2014
Location: UK
Programs: BAEC
Posts: 1,795
The logic of this cartoon is a little off (since there are dictionary attacks)
https://xkcd.com/936/
But it's funny and some sites now disallow correcthorsebatterystaple as a valid password as a result.
https://xkcd.com/936/
But it's funny and some sites now disallow correcthorsebatterystaple as a valid password as a result.
Feb 15, 2019, 11:12 am
#36
FlyerTalk Evangelist
Original Poster
Join Date: Nov 2002
Location: Freeload Univ. Where are you sitting?
Posts: 14,818
Ha!
Just got another email from BA, confirming that I have changed my email address (probably the scammer is smartening up). Immediately called them and notified them of the action and that it was not my doing.
They are "investigating" and will let me know, but not to worry. Hmmm.
I also inquired about changing the account number - they told me I could do it, but best wait until they finish their "investigation".
Curiouser and curiouser.
Just got another email from BA, confirming that I have changed my email address (probably the scammer is smartening up). Immediately called them and notified them of the action and that it was not my doing.
They are "investigating" and will let me know, but not to worry. Hmmm.
I also inquired about changing the account number - they told me I could do it, but best wait until they finish their "investigation".
Curiouser and curiouser.
Feb 15, 2019, 11:47 am
#38
Join Date: Jan 2008
Posts: 3,835
Ha!
Just got another email from BA, confirming that I have changed my email address (probably the scammer is smartening up). Immediately called them and notified them of the action and that it was not my doing.
They are "investigating" and will let me know, but not to worry. Hmmm.
I also inquired about changing the account number - they told me I could do it, but best wait until they finish their "investigation".
Curiouser and curiouser.
Just got another email from BA, confirming that I have changed my email address (probably the scammer is smartening up). Immediately called them and notified them of the action and that it was not my doing.
They are "investigating" and will let me know, but not to worry. Hmmm.
I also inquired about changing the account number - they told me I could do it, but best wait until they finish their "investigation".
Curiouser and curiouser.
Perhaps the email change took place before you changed your password? I assume your account has been completely locked out by BA after you told them this?
Feb 15, 2019, 11:57 am
#39
FlyerTalk Evangelist
Original Poster
Join Date: Nov 2002
Location: Freeload Univ. Where are you sitting?
Posts: 14,818
If the email address was changed after you’ve changed your password you may have some kind of key logger on your computer or a man in the middle issue.
Perhaps the email change took place before you changed your password? I assume your account has been completely locked out by BA after you told them this?
Perhaps the email change took place before you changed your password? I assume your account has been completely locked out by BA after you told them this?
As of now, the account is locked until further notice - after which, I'll change the account number and hopefully put a stop to this nonsense.
Feb 15, 2019, 12:46 pm
#40
Join Date: Jan 2008
Posts: 3,835
When I talked to them last night, right after I changed my password, I couldn't get in because the account was locked. It still is this morning, so I'm presuming the scammer changed the email addy before then. He must have realized his mistake when the ticket was cancelled.
As of now, the account is locked until further notice - after which, I'll change the account number and hopefully put a stop to this nonsense.
As of now, the account is locked until further notice - after which, I'll change the account number and hopefully put a stop to this nonsense.
But if as is likely (hopefully) they changed it before you changed your password, then whilst it may give you comfort to change your exec club number, it isn’t necessary if you have a strong password.
Do make sure and change all your other online passwords though.
Feb 15, 2019, 2:09 pm
#41
Join Date: May 2017
Posts: 2,016
I think that scamming two people for the same booking is a strange strategy. The more people you scam for the same booking, the higher the probability that one of the victims will spot this before the flight's departure, so scamming as few people as possible seems optimal.
I suspect that the thief found that there was insufficient money on the credit card for a revenue booking and so used this method to save some money.
I agree that it sounds as if the OP may have been added to the booking to make it look more credible.
Feb 15, 2019, 3:06 pm
#43
Join Date: Jan 2006
Location: London
Programs: BA Gold, VS Silver, Alitalia Freccia Alta, Starwood Gold, Hilton Diamond, Accor Platinum
Posts: 408
The logic of this cartoon is a little off (since there are dictionary attacks)
https://xkcd.com/936/
But it's funny and some sites now disallow correcthorsebatterystaple as a valid password as a result.
https://xkcd.com/936/
But it's funny and some sites now disallow correcthorsebatterystaple as a valid password as a result.
(As alluded to in the title text of the cartoon: "To anyone who understands information theory and security and is in an infuriating argument with someone who does not (possibly involving mixed case), I sincerely apologize." )
Feb 15, 2019, 4:05 pm
#44
FlyerTalk Evangelist
Original Poster
Join Date: Nov 2002
Location: Freeload Univ. Where are you sitting?
Posts: 14,818
BTW - I contacted the State Department when I thought the guy might have a forged passport. They take that sort of stuff very seriously. Since I have the email of the person who was accompanying the scammer, and, as it seems, the scammer has re-directed the email address to himself, they might have something to go on.
Feb 15, 2019, 11:44 pm
#45
Join Date: Oct 2014
Location: UK
Programs: BAEC
Posts: 1,795
Ok you got me. I should have left off the late night kibitzing and just posted the link. Let's *please* not get into a flame war on who understands information theory and who doesn't
You might guess I'm a big fan of Randall Munroe
Duty Calls
https://xkcd.com/386/
Upgoer5
http://splasho.com/upgoer5/?i=H29gMJ9hMFOcplO3pz9hMlOcovO3nTS0VUEbMKxtLKWyVUA urJyhMljtL2ShVRxtoJSeMFO0nTIgVUAurFO0nTHtpzyanUDtq TucozptLaxtpT9coaEcozptnKDto3I0ClOHnTI5VT1cM2u0VTq yqPOwpz9mplOuozDtp2S5VTWuMPO0nTyhM3ZtqT8toJHtLKZtq 2IfoP4t
You might guess I'm a big fan of Randall Munroe
Duty Calls
https://xkcd.com/386/
Upgoer5
http://splasho.com/upgoer5/?i=H29gMJ9hMFOcplO3pz9hMlOcovO3nTS0VUEbMKxtLKWyVUA urJyhMljtL2ShVRxtoJSeMFO0nTIgVUAurFO0nTHtpzyanUDtq TucozptLaxtpT9coaEcozptnKDto3I0ClOHnTI5VT1cM2u0VTq yqPOwpz9mplOuozDtp2S5VTWuMPO0nTyhM3ZtqT8toJHtLKZtq 2IfoP4t
Last edited by DeathSlam; Feb 16, 2019 at 3:57 am Reason: Added upgoer 5 link
