Underground Trade in Compromised Travel Rewards
Summary
Hide ▲
Show ▼
Cybercriminals are actively trading compromised airline and hotel loyalty accounts in underground markets, converting stolen miles into real-world travel commodities. The process involves credential compromise, inventory listing, redemption, and resale at discounted rates. This fraudulent activity is structured, with repeated sellers and a focus on major brands like United, American Airlines, Delta, Marriott, and Hilton. The monetization model follows four stages: gaining control over loyalty accounts, identifying valid miles, redeeming miles for travel, and reselling the bookings. The fraud is challenging to detect and recover from due to the conversion of points into tangible assets.
Timeline
-
12.03.2026 16:05 1 articles · 6h ago
Structured Trade in Compromised Travel Rewards Identified
Flare researchers analyzed 322 posts from underground communities, revealing a structured resale economy built around compromised airline and hotel loyalty accounts. The fraud involves a four-stage process: gaining control over accounts, identifying valid miles, redeeming miles for travel, and reselling the bookings. Major brands are targeted due to their large membership bases, high liquidity, and point value arbitrage. Pricing is negotiated privately, with an average rate of $1 per 1,000 miles.
Show sources
- Going the Extra Mile: Travel Rewards Turn into Underground Currency. — www.bleepingcomputer.com — 12.03.2026 16:05
Information Snippets
-
Loyalty fraud involves credential compromise, often through malware, phishing, or brute force attacks.
First reported: 12.03.2026 16:051 source, 1 articleShow sources
- Going the Extra Mile: Travel Rewards Turn into Underground Currency. — www.bleepingcomputer.com — 12.03.2026 16:05
-
Compromised accounts are sold in underground markets, with prices averaging $1 per 1,000 miles.
First reported: 12.03.2026 16:051 source, 1 articleShow sources
- Going the Extra Mile: Travel Rewards Turn into Underground Currency. — www.bleepingcomputer.com — 12.03.2026 16:05
-
Major airlines and hotel chains are targeted due to their large membership bases and high liquidity.
First reported: 12.03.2026 16:051 source, 1 articleShow sources
- Going the Extra Mile: Travel Rewards Turn into Underground Currency. — www.bleepingcomputer.com — 12.03.2026 16:05
-
Fraudsters emphasize full email access to accounts, reducing the chance of recovery by legitimate owners.
First reported: 12.03.2026 16:051 source, 1 articleShow sources
- Going the Extra Mile: Travel Rewards Turn into Underground Currency. — www.bleepingcomputer.com — 12.03.2026 16:05
-
The fraud is difficult to detect and recover from due to the conversion of points into real-world commodities.
First reported: 12.03.2026 16:051 source, 1 articleShow sources
- Going the Extra Mile: Travel Rewards Turn into Underground Currency. — www.bleepingcomputer.com — 12.03.2026 16:05