I’m never quite sure what to make of articles like these. Part of me reads this and thinks “Huh. I guess I should go buy some.”
“I guess I should go give my credit card details to someone I know is a criminal.”
Isn’t this what Bitcoin is for? I seriously hope nobody is buying drugs or points or whatever using their own credit card. That would be…special.
In all fairness, I think it’s only a 99% discount.
$12 is 1% of $1200.
The article mentions that other sites are similarly vulnerable. A couple of months ago my United Airlines account was hacked and about 250K miles were surreptitiously redeemed for 3 business class tickets from Istanbul to Azerbaijan. I just happened to notice it when I went to book a trip and called the airline right away. They referred me to the Security dept and refunded my miles almost immediately.
The agent who called me back did not seem the least bit surprised and even had a catchy term for it: “hack and fly”. Thieves hack in and resell award flights leaving within 24 hrs so that by the time you notice, the flights have already left. I missed catching the interlopers by only 2 hours. The hackers changed my email address and stored credit card in my profile so I was never notified.
I simply don’t understand why a major site like United would secure profiles with just a simple 4 digit PIN and why they do not have an automated email process that will alert you if/when changes are made to your account.
There’s a reason stolen goods tend towards 1% of retail: it is illegal to sell stolen goods, and it’s fairly easy to catch. Also, I suppose $12 goes a long way when you’re a crackhead.
Heck, I’d use my credit card to buy the points, then report the card stolen. As long as I am engaging in criminal activity, might as well go all the way.
Automating emails to wrong addresses is the recipe for getting through.
Those programs are mostly for getting in plane, boat, or hotel room where your physical confined presence makes you vulnerable.
This topic was automatically closed after 5 days. New replies are no longer allowed.