Breaking News         Latest US News              New York News              Fx Tribune

How to Deal With German Shepherd Aggression
Overworked employees might take some solace from the belief that their road-warrior lifestyles are helping them build up hotel and airline points that they can later use to take a vacation

Could Cybercrime Sink Your Travel Plans?

Overworked employees might take some solace from the belief that their road-warrior lifestyles are helping them build up hotel and airline points that they can later use to take a vacation

Could Cybercrime Sink Your Travel Plans?
 Overworked employees might take some solace from the belief that their road-warrior lifestyles are helping them build up hotel and airline points that they can later use to take a vacation. Imagine those employees’ disappointment when they open their rewards accounts only to discover that all of their hard-won points are gone!

 

This is exactly what happened to thousands of Hilton Honors rewards accounts members near the end of 2014, after hackers stole millions of the programs rewards points and began selling them online to other takers. United, American, and Japan Airlines experienced similar thefts in their respective awards programs in 2015. Hilton reimbursed its account members who reported that their points were stolen, but the damage had been done and inevitably, some of those account members experienced disruptions in their travel plans.

 

The hackers’ modus operandi for travel point thefts has been as unsophisticated as the security that the company had erected around reward accounts. One analysis of travel rewards programs revealed that hotel and airline companies had little more than four- to six-digit passwords for their sites, with no other user authentication. Consumers also tend to be more complacent about their travel awards accounts, and frequently use the same sign-in information for each of those programs. This allows a cyberthief to gain access to multiple accounts as soon as one account is cracked.

 

Hackers are also thwartingreward program security systems with simple spoofing schemes that fool those systems into thinking that a request to redeem airline or hotel miles is coming from a legitimate rewards program member. With a spoof, the hacker replicates the network address of a legitimate rewards member and fools the rewards computer into believing that the hacker’s sign-in is originating with that user.

 

The Incentive to Steal Rewards Points

 

Reward points are high-value, low-risk targets that are protected with minimal security. Points can be sold to brokers for cash. They can be exchanged for products or gift cards. Some hackers have gone so far as to use stolen points to book their own air travel and hotel stays.

 

More dangerously, rewards card points can be a stepping stone to a user’s more secure data, including addresses, financial account numbers, and social security number. More than 3 billionuser-loyalty rewards accounts have been opened by U.S. citizens. This vast trove of data is an enticing target for cybercriminals that have a further goal of stealing identities.

 

How to Respond if Your Points are Stolen

 

As suggested by the Hilton Honors situation, if you see that points have been stolen from any of your rewards accounts, your first order of business is to notify the company of the theft. This lays the groundwork for the company to reimburse points that may have been lost.

 

Because of the cross-pollination of passwords among a user’s rewards accounts, if you lose points from one account you should check all other accounts to confirm that they have not been targeted as well. Changing and varying passwords among accounts is also a good strategy to prevent further losses.

 

A company that runs a rewards program has different concerns and liabilities in the event of a data theft or breach from those rewards accounts. That company will likely incur substantial direct costs to recover lost data and to rebuild affected servers and databases. It may also incur liabilities to rewards account members whose points and data have been lost or compromised as a result of the breach. The company might be able to absorb these direct and third-party losses associated with the breach, but those losses can be substantial and have a direct effect on the company’s bottom line. Cyber insurance is a better option for all companies that manage rewards accounts.

 

Cyber insurance can make compensation available to cover a company’s cybertheft losses. Cyber insurance companies can also help their clients to establish better security to prevent losses in the first instance. Rewards account members who know that they are dealing with a company that provides stronger protection will be more likely to continue with the program and to remain loyal to the brand.

 

Breaking News Headlines

banner30
The broad left front is not delivered to Guillier
The broad left front is not delivered to Guillier
Bonet: "The Barcelona brand is dead, its recovery depends on the elections"
Bonet:
Colombia protests Venezuela for military incursion into its territory
Colombia protests Venezuela for military incursion into its territory
The water flows on Mars are actually sand, according to a study
The water flows on Mars are actually sand, according to a study
Police denounce a plague of mosquitoes in the dungeons of the courthouse of Tenerife
Police denounce a plague of mosquitoes in the dungeons of the courthouse of Tenerife
The Utopia of the ideal library
The Utopia of the ideal library
Yellen will leave the Federal reserve after the respite in the presidency
Yellen will leave the Federal reserve after the respite in the presidency
Hochtief, the German subsidiary of ACS, closes the loan of 15 billion for the purchase of Abertis
Hochtief, the German subsidiary of ACS, closes the loan of 15 billion for the purchase of Abertis
Rull and Turull ask to get out of prison because they have complied with the 155
Rull and Turull ask to get out of prison because they have complied with the 155
Junqueras requests his departure from prison without explicitly complying with the 155
Junqueras requests his departure from prison without explicitly complying with the 155
A second woman accuses Senator Al Franken of groping her.
A second woman accuses Senator Al Franken of groping her.
Gunned down the president of the Human Rights Commission of Baja California Sur
Gunned down the president of the Human Rights Commission of Baja California Sur
POLLS Results ALL
Who is the most powerful actor in Syria

banner31
Front Pages
  • The Sun
NEWS ARCHIVES