Cyber Criminals Stealing Reward Points & Air-Miles

Uploaded on 2017-11-30 in NEWS-Cybersecurity News, GOVERNMENT-Law Enforcement, FREE TO VIEW

Research by security firm Flashpoint uncovered a thriving online marketplace where illicit “booking services” offer discounts at the expense of genuine customers in the UK and elsewhere.

Russian cyber criminals are using British victims' reward points and air-miles to enjoy luxury holidays at budget prices, a report has revealed.

The fraud sees lucrative rewards sites accessed through compromised bank accounts and credit cards, usually without the owner’s knowledge, and used to purchase hotel rooms, flights, cruises and car rentals. One British couple only found out 30,000 points had been stolen from their Avios account after a hotel was booked for three nights in Spain, using one legitimate name as the lead traveler alongside “Dimitri and Olga”.

Several other travellers have found points being used for Russian flights, including one from Moscow to Kiev and an internal Russian flight for two passengers, or hotels in the country like the 5* Intercontinental Moscow. 

Flashpoint analysts say the Russian-speaking and English-speaking marketplaces were the biggest in the fraudulent trade, followed by French and Spanish.

Liv Rowley, one of the report’s authors, said it was part of a “cyber-criminal ecosystem” incorporating hackers and middle-men who purchase and sell on the necessary details.
“They’re real services and points but going to the wrong person,” she explained.
“We believe that this is actually working,” she added, describing photos posted online by jubilant holidaymakers and happy reviews on illicit websites.
“I believe the people taking part in this knowing it’s illegal. A lot of the listings we see include flights at 30 or 25 per cent of the listing price. 
“If you’re buying a flight for only a quarter of its value, there’s probably something and weird.”

One Russian-language forum has established its own group of members dedicated to cyber-crime targeting hotels, while another offers plane tickets to anywhere in the world, apart from Russian domestic flights.

On the now-defunct AlphaBay Market, 3,601 customers purchased one provider’s fraudulent hotel and car rental services between March 2015 and December last year. Researchers said it was impossible to tell the success rate of the fraud, which should be thwarted by identification checks by airlines, hotels and car rental companies.

Some sites have been encouraging customers to make reservations in their own names, as attempting to fake a passport or travel document is too risky.
“Some people commenting on forums posts say they experienced a bit of difficulty,” Ms. Rowley said.
“Hotels can ask to see the card the booking was made under but they don’t have the information, so they find a way to get out of it by coming up with lies like ‘I lost my wallet’ or ‘it was present’.”

Although several known sites have been shut down, cyber criminals are moving to other platforms to offer their wares, which also include retail gift cards. Providers have been refunding stolen points but Flashpoint is urging people to frequently check their reward accounts or set up alerts for anomalies, while ensuring their online bank accounts are under maximum security and being aware of phishing attempts and other scams.

So-called “brute-forcing software”, which runs through a large number of possible password combinations until the correct one is determined, is one of the many ways the accounts can be compromised so complexity and variation is key.

The warning comes after security officials said that Russian-speaking countries pose the “number one cyber-crime threat to the UK”.

Billions of pounds have so far been lost in online attacks that are affecting British people every day, following the huge WannaCry ransomware attack that crippled the NHS.

Around 1.8 million cyber-dependent crimes took place last year, according to the Crime Survey for England and Wales, mostly from online criminals seeking profit.

“Things are likely to get worse before they get better,” said Oliver Gower, head of the National Cyber Crime Unit.
“With innovative criminal capability available to the highest bidder, it is inevitable that hostile states will explore its possibilities, and conversely that very entrepreneurial cyber criminals may seek to steal data in order to sell to states.”

Independent:

You Might Also Read:

Russian Hackers Feel The Heat:

Russian Cyber Gang Arrested By …. Russia:

UK Under Attack By Russian & Chinese State Sponsored  Hackers:

 

« Apple Must Fix Its Embarrassing Password Bug
Replaying Crime Scenes With An Advanced Scanner »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Sapphire

Sapphire

Sapphire deliver flexible and scalable cybersecurity solutions, helping organisations to detect, protect, respond and remediate against cyber threats.

British Insurance Brokers’ Association (BIBA)

British Insurance Brokers’ Association (BIBA)

BIBA is the UK’s leading general insurance intermediary organisation. Use the ‘Find Insurance‘ section of the BIBA website to find providers of cyber risk insurance in the UK.

GTB Technologies

GTB Technologies

GTB Technologies is a cyber security company that focuses on providing enterprise class data protection and data loss prevention solutions.

Trust in Digital Life (TDL)

Trust in Digital Life (TDL)

TDL is a membership association comprising companies, SMEs, universities and research institutes who exchange experience and insights to make digital services in Europe trustworthy and safe.

VADO Security Technologies

VADO Security Technologies

VADO Security enables the safe transfer of data between low & high security networks.

TCPWave

TCPWave

TCPWave IPAM is the world’s first acclaimed DNS/DHCP management software to pass the most stringent Information security tests.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

PureCyber

PureCyber

PureCyber (formerly Wolfberry Cyber) is an award-winning cyber security consultancy whose goal it is to make cyber security accessible, understandable, and affordable for any organisation.

Dynics

Dynics

The Dynics ICS-Defender is an Industrial Control System Security Appliance for OT or OT/IT convergent environments.

AwareGO

AwareGO

AwareGO is a global provider of security awareness training content and solutions that help enterprises improve cybersecurity awareness in the workplace.

Vaultree

Vaultree

We believe in an encrypted tomorrow. Vaultree technology enables a foundational change in how we communicate with each other: Safely!

Metallic.io

Metallic.io

Metallic (formerly TrapX) is a SaaS portfolio for enterprise-grade backup and recovery, designed to protect your data from corruption, deletion, ransomware, and other threats.

Solvo

Solvo

Solvo enables security teams and other stakeholders to automatically uncover, prioritize, mitigate and remediate cloud infrastructure access risks.

RADICL

RADICL

RADICL's mission is to give SMBs that serve America's Defense Industrial Base (DIB) access to strong, enterprise-grade cyber security protection.

Issue53

Issue53

We empower organizations to thrive in the digital landscape. Strengthen your defenses, enhance resilience – Choose Issue53 for a secure and future-ready IT environment.

Interpres Security

Interpres Security

Interpres Security operationalizes TTP-based threat intelligence and automates continuous exposure monitoring to help CISOs and security practitioners reduce threat exposure.