Just when you thought it was bad enough keeping track of, managing, and protecting your entire collection of points and miles credit cards from identity theft, just wait until you hear this one: cyber criminals and schemes may now be after your precious points and miles collection.
I came across an interesting article this morning on CBS Boston about cyber criminals not only targeting credit card and personal information, but also frequent traveler points and miles.
The new trending phishing scheme is designed similarly to bank/personal account phishing schemes (e.g. a fake email from PayPal asking to validate your account info immediately or it will be shut down), by sending out fake flight or award-booking emails from airline carriers. The phishers’ objectives are that the recipient becomes alarmed by the booking and quickly “logs in” to their airline account to investigate the booking that they obviously have not made, thus giving their personal account details to the criminals.
Under this scheme, the miles are stolen, redeemed for airline tickets, and then resold to a third party. Unlike having your identity stolen, which is pretty easy to detect with modern-day credit-monitoring programs (I use CreditSesame and CreditKarma), the average person (aka, not points and miles geeks, of course) is often unaware of any changes in their points and miles award balances unless they are actively keeping track of their activity.
Sadly, I can imagine that most of these cases go undetected until the victim actually begins planning their vacation and logging in to see they have been robbed.
What are your thoughts? What lengths do you go to protect your points and miles (and personal information, of course)?
Let’s connect:Â 
I just blogged about these super-cheap RFID-proof card holders. I had a friend whose wallet was read while in his pocket and who had $1000s of dollars charged in 30 minutes!
http://thedealmommy.com/ive-never-asked-you-to-buy-anything-before-until-now-please-spend-6-and-save-yourself-grief/
Wow. This takes phishing to a whole new level!
Yikes – I may have to get one of those card holders.
As a side note, saw (heard) you on TV last night – please keep us posted as you investigate this new program.
wow just yesterday i had an email – supposedly from united, confirming that i had canceled a flight ( which i had not made) i figured something was screwy and just deleted it. If they take o nes miles, and it is noticed ( example, i ck my awardwallet account everyday) can you get the miles back?
AwardWallet is your friend, I put in all my accounts and monitor it religiously, every day. Once setup, it’s easy to see all your account balances from your iPhone, iPad, web, etc.
This happened to my parents. They received an email with an AA reservation attached. Looked legit, but thankfully they called me before clicking on the attachment or links. It was a phishing scam and they deleted the email… but these scammers are getting smarter.
how was his card read at Whole food?
Good think Award Wallet sends e-mails with updates on the balances..
just don’t click on the email, type the airline/hotel URL instead…plus check your accounts regularly for irregularities…
would be nice if identity theft laws were made into auotmatic capital crimes.
curious, would wrapping the RFID CC with alumimum foil counters from being read?