Hacker Steals Frequent Flyer Miles At a Hotel Hotspot

Do you think WiFi hotspot hackers are mostly interested in stealing high-value confidential information like your Social Security number, your credit card data, and your bank account information? Well, think again.

Cyber crooks are some of the most cunning people on the planet. When it comes to committing identity fraud, they’re always looking for new targets of opportunity – like your airline miles.

A Minnesota woman named Barbara Shaw found that out the hard way, according to KSTP, Channel 5 Eyewitness News in Minneapolis-St. Paul. Last fall, Shaw, a frequent flyer, used a Denver hotel’s WiFi hotspot to log in to her airline account and check in for her flight home to Minneapolis. A month later, after returning from an 11-day trip to Italy, the jet-lagged traveler got up in the middle of the night to check whether her airline miles had been credited to her online account. What Shaw saw when she logged in was shocking. Someone had withdrawn more than 250,000 miles from her account in three separate transactions while Shaw was in Italy.

How Stolen Airline Miles Got Turned Into Untraceable Gift Cards

The hacker was too smart to use his mega miles loot to take a trip around the world. Instead he used Shaw’s stolen airline log-in credentials to change her iPad profile to an address in Georgia. Then he converted her miles to gift cards and had them mailed to an Atlanta address where someone posing as Shaw signed for them. It was a perfect crime. There was no way to trace the stolen airline miles.

A fraud investigator for the airline told Shaw the hacker had most likely accessed her account when she used her hotel’s unsecure WiFi network in Denver to check in for her flight. Even worse, he said Shaw wasn’t the only miles-hacking victim.

Barbara Shaw told us she always used her company’s VPN to log into its business network. But she didn’t know it was possible to use a personal VPN to protect her sensitive information at WiFi hotspots. That’s a shame, because a VPN could have prevented the airline-miles cyber heist that turned into more than one frequent flyer’s nightmare.

Hotel WiFi hotspots are inherently unsecure. That’s why hotel hotspot hacking is a common crime. Here’s what you can do to make sure it doesn’t happen to you.

• Make sure your antivirus and antimalware software is updated and running.
• Ask the hotel for the correct name of its WiFi network. Cyber crooks try to trick hotspot users into connecting to fake hotel networks designed to steal their sensitive information.
• Use long strong passwords composed of letters, numbers and characters and change them often. Use a different one for each account.
• Turn off file sharing and disable peer-to-peer networking.
• Turn off your wireless network when you’re not using it.
• Use a VPN to protect your sensitive information at WiFi hotspots. VPNs protect you from identity fraud by encrypting the information traveling to and from your mobile devices. That means it’s invisible to hackers.