Avios fraudulently debited from my BAEC account
Sep 13, 2023, 8:18 am
#1
Original Poster
Join Date: Sep 2020
Posts: 95
Avios fraudulently debited from my BAEC account
Horrified today to log on to my BAEC account only to find it 135,000 Avios lighter. Looking at recent transactions it shows a debit in the last week of August titled “Qatar Exchange”. Immediately phone BAEC bronze line and ended up talking to a helpful agent. The long and short is I’ve agreed for my account to be locked while their fraud team investigates. I don’t have a Qatar account, nor do I have any Qatar flights booked. Desperately hoping I get my hard earned Avios (money!) back. Apparently the investigation will take up to three weeks. Wondering if anyone else has suffered similar?
Sep 13, 2023, 9:27 am
#2
Join Date: Jan 2019
Programs: BA Exec Blue
Posts: 86
Horrified today to log on to my BAEC account only to find it 135,000 Avios lighter. Looking at recent transactions it shows a debit in the last week of August titled “Qatar Exchange”. Immediately phone BAEC bronze line and ended up talking to a helpful agent. The long and short is I’ve agreed for my account to be locked while their fraud team investigates. I don’t have a Qatar account, nor do I have any Qatar flights booked. Desperately hoping I get my hard earned Avios (money!) back. Apparently the investigation will take up to three weeks. Wondering if anyone else has suffered similar?
Sep 13, 2023, 9:47 am
#5
Original Poster
Join Date: Sep 2020
Posts: 95
Sep 13, 2023, 10:28 am
#7
Join Date: Dec 2007
Location: London
Programs: BAEC, QRPC, Amex MR, World of Hyatt, IHG one rewards, Hilton Honors, Marriott Bonvoy, etc…
Posts: 689
I have not seen this been reported before and would be interested in the outcome of the investigation.
What is really strange is that if I am not mistaken, to link the BAEC account to the Qatar Privilege account, the details needs to match exactly, not only the name etc, but also the email address. I remember that in order to get the sign up bonus when they launched their Avios scheme, I had to create a new account, close my old one and then switch my email address on the new one so to link it to the BA account and move the Avios I just earned .
What is really strange is that if I am not mistaken, to link the BAEC account to the Qatar Privilege account, the details needs to match exactly, not only the name etc, but also the email address. I remember that in order to get the sign up bonus when they launched their Avios scheme, I had to create a new account, close my old one and then switch my email address on the new one so to link it to the BA account and move the Avios I just earned .
Last edited by marcopizzaiuolo; Sep 13, 2023 at 10:36 am
Sep 13, 2023, 10:33 am
#8
FlyerTalk Evangelist
Join Date: Jul 1999
Location: ORD/MDW
Programs: BA/AA/AS/B6/WN/ UA/HH/MR and more like 'em but most felicitously & importantly MUCCI
Posts: 19,719
Not with BAEC, but I had my Hilton Honors account zeroed a few years ago -- 700k points pilfered via an exploited vulnerability related to a new Amazon redemption channel -- and the Hilton people were good enough to own it, replenish my account immediately, and change my Honors number. That is the standard of care I would expect in any breach of this sort.
I'm sorry for your experience, OP. It is a bit jarring when it happens.
I'm sorry for your experience, OP. It is a bit jarring when it happens.
Sep 13, 2023, 10:44 am
#9
Ambassador: Emirates Airlines
Join Date: Sep 2004
Location: Manchester, UK
Posts: 18,619
What is really strange is that if I am not mistaken, to link the BAEC account to the Qatar Privilege account, the details needs to match exactly, not only the name etc, but also the email address. I remember that in order to get the sign up bonus when they launched their Avios scheme, I had to create a new account, close my old one and then switch my email address on the new one so to link it to the BA account and move the Avios I just earned .
Sounds like somebody has got into the OPs account.
Sep 13, 2023, 10:46 am
#10
Original Poster
Join Date: Sep 2020
Posts: 95
Not with BAEC, but I had my Hilton Honors account zeroed a few years ago -- 700k points pilfered via an exploited vulnerability related to a new Amazon redemption channel -- and the Hilton people were good enough to own it, replenish my account immediately, and change my Honors number. That is the standard of care I would expect in any breach of this sort.
I'm sorry for your experience, OP. It is a bit jarring when it happens.
I'm sorry for your experience, OP. It is a bit jarring when it happens.
Sep 13, 2023, 10:50 am
#11
Original Poster
Join Date: Sep 2020
Posts: 95
I recall a massive BA data breach around 2018/19, I wonder if it’s something relating to that? The thing is there is no 2FA for routine logging on to BA, maybe there should be!?
Sep 13, 2023, 10:53 am
#12
Join Date: Nov 2015
Location: London
Programs: BA Gold
Posts: 1,683
Sep 14, 2023, 2:39 pm
#14
Join Date: Jul 2018
Posts: 42
I've had similar earlier this year.
in April I got an email from BA saying avios had been used to redeem for 6 adults, gocity passes in Dubai.
It was a long (11 week) process with BA and took chasing over and over to get resolved. Appalling treatment of customers due to their own IT failings.
in April I got an email from BA saying avios had been used to redeem for 6 adults, gocity passes in Dubai.
It was a long (11 week) process with BA and took chasing over and over to get resolved. Appalling treatment of customers due to their own IT failings.
Sep 15, 2023, 12:23 am
#15
Original Poster
Join Date: Sep 2020
Posts: 95
I've had similar earlier this year.
in April I got an email from BA saying avios had been used to redeem for 6 adults, gocity passes in Dubai.
It was a long (11 week) process with BA and took chasing over and over to get resolved. Appalling treatment of customers due to their own IT failings.
in April I got an email from BA saying avios had been used to redeem for 6 adults, gocity passes in Dubai.
It was a long (11 week) process with BA and took chasing over and over to get resolved. Appalling treatment of customers due to their own IT failings.