Skip to content

Thieves Are Out To Sell Your Stolen Miles For Cheap

Sept. 19, 2018
4 min read
Cyber Hacker Red
Thieves Are Out To Sell Your Stolen Miles For Cheap
The cards we feature here are from partners who compensate us when you are approved through our site, and this may impact how or where these products appear. We don’t cover all available credit cards, but our analysis, reviews, and opinions are entirely from our editorial team. Terms apply to the offers listed on this page. Please view our advertising policy and product review methodology for more information.
New

Quick summary

The dark web is flooded with stolen airline miles pilfered following data breaches or through phishing operations — and the thieves are willing to sell the miles for about half their value.

In a study published Wednesday, technology and research firm Comparitech examined black markets on the web in search of miles for sale. It found rewards points available on the dark web from more than one dozen different frequent flyer programs. Delta SkyMiles and British Airways Avios were the mileage currency most commonly listed.

Although prices frequently fluctuate and are not uniform across different black markets, one of the sellers Comparitech examined was selling 100,000 points from various frequent flyer programs for as little as $884. Based on TPG's latest valuations, those points are being sold at a huge discount. Some of the miles programs listed at this price included:

To be clear, stealing frequent flyer miles is a crime, one that could land a thief in prison for years. It's also unwise to purchase stolen miles. Comparitech says if you get caught, the airline could take away all your miles (even the ones you earned legitimately) and leave you with nothing for violating its terms of service.

Still, the threat of incarceration isn't deterring criminals from either taking over consumer accounts or emptying out those accounts and transferring miles into new ones. They first break in by obtaining login credentials taken during a data breach or by phishing individual account holders, Comparitech said.

Daily Newsletter
Reward your inbox with the TPG Daily newsletter
Join over 700,000 readers for breaking news, in-depth guides and exclusive deals from TPG’s experts

A phishing scam might go like this: The consumer will get an email claiming to be from an airline asking the consumer to verify their account information — because there was a problem with the account, in order to claim a prize, cancel a reservation or any number of other excuses to get you to comply. When the consumer sends the information, the thief gets access to their account.

People who buy the stolen miles likely don't use them to purchase airfare or book hotel rooms, Comparitech noted, because those transactions typically require proof of ID. Instead, stolen miles may be easily converted into gift cards or products available through partner retailers. Some resell the rewards to so-called "grey market mileage brokers" that abound on the web. Those brokers then may turn around and use the points to get flight upgrades for their clients.

How to Protect Yourself

If you discover you're missing miles, report it immediately to the airline. As TPG himself pointed out several years ago, although the airlines aren't liable for miles stolen from your account, the sooner you report the theft, the better the odds are they can catch the thief and get you your miles back.

Comparitech also cautions travelers to do the following to protect themselves against an account breach:

  • Shred boarding passes after a flight.
  • Don't post pictures of boarding passes online.
  • Don't put frequent flyer account numbers on baggage tags.
  • Avoid airport Wi-Fi when accessing your account.

You'll also want to regularly check your account and frequently change your strong account password. Because of the volume of data breaches, you'll also want to make sure your airline account password is unique from other passwords. If not, you're making yourself vulnerable to attack.

Featured image by Getty Images