Yeah, this is what I was getting at with my post upthread. My GF has been subjected to a similar sort of identity theft - someone stole her info and then went around a neighborhood selling cable to people (presumably for cash) using her info to open the accounts.

This is a strange one. It is so easy for United to cancel the tickets. So why would a thief bother to do this? Does he think you wouldn't notice?

One appraoch , the thief converted the tickets into cash immediately. Booked ticket for another party and ripped them off, as discussed earlier in this thread.

Most people don't check their accounts as often as FTers do, and if the ticket is only a few days out, it might be enough time. Plus, if it's a third-party scammer, once that person collects payment, he/she doesn't care what happens to the tickets.

Trip insurance. They buy, don't fly and try to collect. It happened on my account, but Chase called and we headed them off.

You don't need to check your United account daily to see this sort of thing: Vigilance over credit card activity achieves the same thing across every merchant that has handled your credit card data.

+1 - I recall this discussed previously on FT and the the person(s) were met at gate on arrival by authorities and arrested.

As a means of early detection, I have account alerts set on on my chase MP card so I get an email on any charge over a set $ amount. This would allow me to call Chase and/or UA and report fraud probably well before the flight time.

Whoa ... why have the PIN work for web login even after you've setup a password. This basically negates any strong password, doesn't take long to crack a 4 digit PIN.

But then again this is the crack UA IT team we're talking about :rolleyes:

I'm not convinced that the relatively few United.com "hackers" out there are accomplishing it though brute force.

Why have a PIN at all? Probably because the Commodore 64 running SHARES can't handle anything more complicated, or because the finite number of monkeys in UA's IT department can't figure out how to get it to work correctly.

That works for large charges like revenue tickets, but how many people monitor their credit card for $5 award fee charges? And how would that work for mileage transfers or redemptions that don't generate charges?

From my own experience, the police don't care - they have better things to do. My garbage collector stole my identity via discarded mail. Over two year, he bought two cars, numerous credit cards, rented a house - he even got $20K of dental work under my name! He made the payments and then defaulted on everything, which I then found out. I filed a report in Chicago and I took everything to the Lansing Police Department where the guy lived. I had his real name, address and a thick file of everything and they didn't or couldn't do anything! The only thing one can do is be on top of everything and shred all documents. At least OP had no damage done to his credit.

Back in the 90s someone got a hold of my AX number & changed the address of my card. They purchased a $5k ticket to the carribean & were set to return prior to the statement closing.

I just happened to check something else & discovered the fraud. I begged AX to do something but they said wait until the statement closed. I called the secret service (which @the time handled credit card theft) & they would touch it only if the value was $7500. I called the local police & nada.

After statement closed, I had to contest charges. Nothing was done against fraudsters, very disappointing.

The 4-digit pin is also the reason I shred all boarding passes and printed itineraries. I don't want my MP number floating around.

Look, brute force is just not that likely here. Phishing and the like are way more likely to be the way these folks are getting PINs. It's really not a big concern.

In any case, due to concerns like yours, UA has now taken the complete MP number off of boarding passes.

There we go again. SHARES handles the reservations and I don't think it has anythnig to do with the PINs. MileagePlus is a different system.