GM got a complimentary upgrade before PM
#76
Join Date: Nov 2012
Location: PBI/FLL/MIA
Programs: DL DM/2MM, MR Ambassador, National EE
Posts: 1,614
"Online school"... Lol... I'll give OP one thing, they could actually be 16. As the parent of 4 grown adult children I will personally vouch for the fact that 16 year olds have an answer for everything and know everything there is to know about any and everything, lol. That said, no way in hell any of my kids would have been flying around the country at their leisure at that age.
#78
Join Date: Nov 2012
Location: Minutes from ATL
Programs: DL
Posts: 436
Slightly on topic, there is one bug and one security "flaw" I know about:
-The release of RU inventory is not synchronized with the upgrade system. There exists points in time where there is an upgrade available that hasn't been distributed to fliers. If you are PM/DM, check buying a ticket on your flights 4-7 days out. Sometimes you'll see "upgrade available" and if you book it, the upgrade will process immediately on the new ticket.
-Many portions of the name entered are not validated. For example, only the first letter of the last name at login is validated. The other letters must be there, but in any order. For example, "Smith" "Shtmi" and "Shtim" are all valid last names in the username+password+lastname system. Furthermore, only the last name and first initial are validated with "view my reservation". For example, John Smith, 54ASDF could "view my trips" as "Justplaindumb" "Smith".
Anyway, the 16 year old crowd likes to do something called "swatting" in which they use a caller-ID spoof among other things to make a report to local police that causes a home raid. Another thing "doxxing" is a research/social engineering technique that reveals personal details like phone number. For example with simply your phone number, someone could use a caller-ID spoof and call DL. The result would be an automated system that could divulge trip details like PNR without any actual conversation. From there, a last name + first initial could give full access to the reservation, including seat modification and cancellation.
-The release of RU inventory is not synchronized with the upgrade system. There exists points in time where there is an upgrade available that hasn't been distributed to fliers. If you are PM/DM, check buying a ticket on your flights 4-7 days out. Sometimes you'll see "upgrade available" and if you book it, the upgrade will process immediately on the new ticket.
-Many portions of the name entered are not validated. For example, only the first letter of the last name at login is validated. The other letters must be there, but in any order. For example, "Smith" "Shtmi" and "Shtim" are all valid last names in the username+password+lastname system. Furthermore, only the last name and first initial are validated with "view my reservation". For example, John Smith, 54ASDF could "view my trips" as "Justplaindumb" "Smith".
Anyway, the 16 year old crowd likes to do something called "swatting" in which they use a caller-ID spoof among other things to make a report to local police that causes a home raid. Another thing "doxxing" is a research/social engineering technique that reveals personal details like phone number. For example with simply your phone number, someone could use a caller-ID spoof and call DL. The result would be an automated system that could divulge trip details like PNR without any actual conversation. From there, a last name + first initial could give full access to the reservation, including seat modification and cancellation.
#79
Join Date: Jul 2014
Location: BWI
Programs: DL FO
Posts: 312
I don't think this is the case. Usually when I call in myself, they ask me which trip, my full name, and because my tickets have been cancelled before, they ask to verify the address on file, my date of birth, email address and passcode documented.
How would somebody with the same name be able to verify all of my information? This seems like a case of someone that I know who is trying to do this just to cause me pain when I travel.
I also do not think it is a random person because what benefit does the person who is cancelling the tickets get?
I just can't think of anyone that would do this though... I will leave this to the police so they can trace the IP address, and or the phone numbers used to call DL and cancel the tickets.
How would somebody with the same name be able to verify all of my information? This seems like a case of someone that I know who is trying to do this just to cause me pain when I travel.
I also do not think it is a random person because what benefit does the person who is cancelling the tickets get?
I just can't think of anyone that would do this though... I will leave this to the police so they can trace the IP address, and or the phone numbers used to call DL and cancel the tickets.
#80
Join Date: Sep 2013
Location: CHI
Posts: 501
Just a heads up that all of this information is available online. Anyone who googles your handle can find your email address and full name. From that they can find everything else. I'm not speaking hypothetically - I checked out of curiosity, and was able to find all of that in less than 5 minutes. The only wildcard is the trip, but I have a feeling that would be easy to glean from conversation. Giving the benefit of the doubt that you are 100% genuine here - please take some time to separate the internet trail for your work and social accounts.
#81
A FlyerTalk Posting Legend
Join Date: Sep 2009
Location: Minneapolis: DL DM charter 2.3MM
Programs: A3*Gold, SPG Plat, HyattDiamond, MarriottPP, LHW exAccess, ICI, Raffles Amb, NW PE MM, TWA Gold MM
Posts: 100,417
I can't imagine the police being so interested in this. Plus, if it's a friend or family member, do you want the person to be thrown in jail?
#82
FlyerTalk Evangelist
Join Date: Sep 2006
Location: Toledo, OH
Programs: Delta DM & MM, Hilton DM, Marriott gold, Hyatt Globalist, Alaska 75K, Wyndham Diamond,
Posts: 15,399
As far as being a friend involved, if they were doing this kind of stuff to the OP, then they aren't a true friend and I wouldn't have an issue with them getting arrested. If it's one of his friends and they are under 18 they will get a hand slap anyway and not go to Juvie or jail and it might be a good thing, imagine what they will be doing as adults if they are doing this stuff at kids. Might be enough to scare them into getting their act together.
#83
FlyerTalk Evangelist
Join Date: Jun 2004
Location: MSP
Programs: DL PM, MM, NR; HH Diamond, Bonvoy LT Gold, Hyatt Explorist, IHG Diamond, others
Posts: 12,159
As I said, they won't be very interested (not enough damages). But there is the issue of "identity theft" so it can look like a felony bust if they want.
#85
A FlyerTalk Posting Legend
Join Date: Sep 2009
Location: Minneapolis: DL DM charter 2.3MM
Programs: A3*Gold, SPG Plat, HyattDiamond, MarriottPP, LHW exAccess, ICI, Raffles Amb, NW PE MM, TWA Gold MM
Posts: 100,417
#86
FlyerTalk Evangelist
Join Date: Sep 2006
Location: Toledo, OH
Programs: Delta DM & MM, Hilton DM, Marriott gold, Hyatt Globalist, Alaska 75K, Wyndham Diamond,
Posts: 15,399
#87
Join Date: Jul 2008
Location: Exactly where I want to be
Programs: IHG Gold,SPG Gold, HH Gold, Marriott Gold, Hyatt Discoverist, Delta Kettle, AMEX Plat, DL AMEX Plat
Posts: 1,434
#88
Join Date: Apr 2015
Location: USA
Programs: DL Gold / AA Gold
Posts: 609
If all this checks out that in a very short time span, you got screwed on your bookings and your upgrades.
My advice: change airline. You are not meant for this airline. God knows what other catastrophe you will bring to Delta (guessing when you turn 21 your unopened Woodford is filled with apple juice)
My advice: change airline. You are not meant for this airline. God knows what other catastrophe you will bring to Delta (guessing when you turn 21 your unopened Woodford is filled with apple juice)