dionnec123

For some reason, I check my account regularly. I checked it today and noticed that I was missing 375,000 points. Logged in and saw that there were three separate point transactions for airline miles - each for 125,000 points. This was done yesterday.

Immediately called Marriott Rewards. Was on hold/the phone for about 45 minutes. I have to file a police report, fill out a required form (notarized), and send a copy of my drivers license in order to get the points back. Fortunately, it was caught in time to get the points back and for them to stop the transfer of the airline miles.

The first thing I tried to do was to change my password and noticed that someone had gone in and changed my email address as well. They changed it to my name @yahoo.com.

This is scary stuff. Just a reminder for everyone else to check their accounts....

Moriens

Whoa. Good thing you're getting the points back.

LinkedIn had a big password hack recently. If anyone reading is using the same password on LinkedIn and on Marriott Rewards, change your MR password as soon as you can!

SanDiego1K

Yikes, I'm glad that you caught it in a timely fashion and the points are being restored.

I have my accounts on AwardWallet and check it daily. I have yet to experience fraud, but it's a great way to see if there has been any account activity.

Old Hickory

What is AwardWallet?

jbdear

Here you go!

http://lmgtfy.com/?q=Award+Wallet

Sorry Old Hickory ... couldn't resist.

Best of luck to OP on the quick return of the missing points!

SanDiego1K

I love this tool:

www.awardwallet.com

I track the miles and points for both my husband and myself with one click. Here's a thread for any specific questions you might have about it:

http://www.flyertalk.com/forum/trave...ral-codes.html

The one program it does not support is American Airlines. AA forced AwardWallet to take down their program, which I think is a great shame. Thus, I don't get it checked daily, and fraud could go undetected for some time.

SkiAdcock

Well I changed passwords on dif accounts after hearing about the Linkedin scenario, but didn't think about the the hotels & airlines passwords (which is weird, given I did remember them when my Skype account was hacked).

Sorry to hear about the OP's situation - BUT GREATLY APPRECIATE THE HEADS UP.

Cheers.

DenverF9Flier

I don't know if Yahoo offers a similar feature, but I turned on 2-factor authentication with Google recently and sleep much more soundly knowing that it would be extremely difficult for someone to compromise both my Gmail password (fairly easy with keyloggers/public computers) _AND_ my security code(s). There's an App that turns your smartphone into the keyfob, like the VPN keys that many companies give out - then the first time you login at a new computer, you have to enter both the PW and the code from your phone.

For more information, see the following Google Support topic: http://support.google.com/accounts/b...3945&ctx=topic

hnewman

I highly recommend www.keepass.com for password management.

DYKWIA

Although I use AwardWallet myself, it's a bit of a risk giving them your passwords. If they get hacked, all your accounts are open

dfe

I also just changed my password as a result, but I also simply cancelled my Linkedin account. I have been a member for several years with about 150 links and have never seen the least bit of value in Linkedin. Never get a message from anyone--why bother with the exposure.

I am also very suspicious of any other social network such as Facebook and think that I will cancel it as well. Facebook is a huge target and will get hacked big time sooner or later. Most of the stuff posted there is simply nonesense, like photos of my friends' toddlers, graduation and prom photos, where someone went to lunch today, motivational and feel good stuff and stupid political stuff. I just don't need all this inane clutter in my life.

Before I get flamed I know that any web site can be a target, but I simply want to limit my exposure.

Auman

The best thing is to not use the same password for any site/system, a pain for sure, but password reuse is something the bad guys rely on.

Flyer888

Transfer of airline miles... that's a foolish thing to do as eventually the airline membership account could be traced.

aviator8

I was notified of this breach around 3 today and went in to change all of my accounts passwords

nobbyclark

Surely they can work out who the recipient of the miles is/was and find them?