How to Avoid Points and Miles Theft
Signing up for credit cards through partner links earns us a commission. Terms apply to the offers listed on this page. Here’s our full advertising policy: How we make money.INSIDER SECRET: By viewing all of your loyalty accounts in one place, tools like AwardWallet allow you to find out more easily if your miles and points are being used fraudulently.
Recent data breaches, such as those at Capital One and Equifax, are reminders that no matter how much we guard our personal information, someone can still get their hands on it. Our personal data is held by a number of different companies and it only takes one weak link for a hacker to succeed.
With so many cases of identity theft and data breaches, you may be safeguarding your bank accounts and credit cards. But there’s another valuable currency that could be stolen: miles and points. Those accounts can also be wiped clean with no way to get them back.
If you’re worried about becoming a victim of miles and points theft, here’s how it occurs and how you can minimize the likelihood of becoming a victim.
The Value of Miles and Points and Why They’re an Attractive Target for Hackers
Hackers know how valuable miles and points can be and they can be very creative in getting their hands on those points.
You can see the value of miles and points on some of the best credit cards for travel. For instance, many value Chase Ultimate Rewards points at around 2 cents per point, which means that an intro bonus of 50,000 Ultimate Rewards points could be worth $1,000 or more.
It’s a good idea to treat your miles and points as you would cash in your bank account. Check your loyalty accounts frequently so that you’ll know sooner rather than later if any unauthorized transactions occur. The earlier you spot potential fraud, the greater your chances are for recovering your points.
How You Could Become a Victim of Miles and Points Theft
There are a few ways hackers can get into your account, such as stealing the password to your account or social engineering.
Stealing your password is the simpler way. It can happen if you use a computer that has viruses/spyware or if you use a weak password and have not changed it in a long time.
Social engineering is more sophisticated: Hackers call a bank or airline pretending to be you in order to transfer miles or gain access to your online account.
Once they have gained access, they may try to sell your account login details on the dark web or transfer the points out of your account by “gifting” them to a clean account they’ve created.
What Are Miles and Points Worth on the Black Market
Miles and points are not created equal, as some are worth more than others. According to Comparitech, here’s what certain miles and points are going for on the black market:
|Points/Miles Provider||# of Points||Value on Black Market|
How to Keep Your Miles and Points Safe
To reduce the likelihood of having your accounts taken over by a hacker, you can follow the following tips.
For securing your computer:
- Use a strong password with length, characters, uppercase, lowercase, and special symbols
- Change your password periodically
- Enable two-factor authentication if available
- Scan your computer for viruses/spyware
- Only use computers you trust
When you’re traveling:
- Shred your boarding pass after a flight
- Never post a photo of your boarding pass online
- Don’t put your airline account number on your luggage
- Avoid using public Wi-Fi
A few other general tips:
- Monitor your accounts regularly for suspicious activity
- Use tools like AwardWallet to more easily manage your accounts
- Use Experian’s Dark Web Scanner to see if your information is being sold on the dark web — information like your SSN, email address, phone number or anything else that identifies you and your accounts
Other Ways Miles and Points Are Transferred
Points that are stolen could end up in the hands of legitimate mileage brokers. These mileage brokers buy points cheaper than what they’re worth and then resell them to others at a discount.
Although it may seem like a good deal for you to buy points cheaply, you could be purchasing points that were stolen from someone else.
And although it may not technically be illegal to buy or sell points, many banks prohibit this in their terms and conditions. If a bank finds out that a ticket you purchased was obtained through a mileage broker, your tickets could be deemed void. It’s best to steer clear of mileage brokers.
Ways to Use Unwanted Miles
If you have miles or points that you can’t use but also don’t want to have them fall into the hands of a hacker, there are ways you can get some value out of them.
- Donate to charity: some banks allow you to redeem your points at a predetermined value for charity
- Buy gift cards: redeeming points for gift cards won’t yield the best value, but it’s a better alternative than letting your points sit dormant in your account
- Book a flight for a family member: Even if you won’t be traveling, you can redeem your points to purchase tickets for a family member as a gift
Miles and points are extremely valuable and hackers know this, so treat your miles and points as you would cash. You can minimize your chances of being a victim of fraud by practicing safe computing practices at home and on the road.
But there is no foolproof solution, so check your loyalty program account balances frequently and consider using tools like AwardWallet to more easily manage and view all of your accounts in one place.For the latest tips and tricks on traveling big without spending a fortune, please subscribe to the Million Mile Secrets daily email newsletter.
Editorial Note: We're the Million Mile Secrets team. And we're proud of our content, opinions and analysis, and of our reader's comments. These haven’t been reviewed, approved or endorsed by any of the airlines, hotels, or credit card issuers which we often write about. And that’s just how we like it! :)