Some links to products and partners on this website will earn an affiliate commission.
When we use the term “travel hacking” here at InsideFlyer UK, we generally refer to legal, if only occasionally morally ambiguous, ways of earning and redeeming miles and points for maximum benefit. However, I couldn’t help noticing that “el Rey Millas” – the King of Miles – was arrested in Bogota, Colombia recently, with his exploits making the Colombian press – in Spanish, but worth a read on Google Chrome auto-translate – for the second time in recent years. He was apparently arrested en route from Bogota to Cartagena for violating the terms of his house arrest for a previous conviction.
Jaime Alejandro Solano Moreno managed to steal over five million miles and to travel to many countries worldwide. Rather than churning credit cards like the rest of us, he set up a fake website for Avianca LifeMiles, then sent “phishing” e-mails to a large number of Colombian actors, singers and celebrities, such as Modern Family’s Sofia Vergara.
How he managed to guess so many private e-mail addresses I cannot imagine, but it appears that he selected his targets wisely, as many of them would surely travel extensively, yet not really monitor the balances in their mileage accounts too closely. Once he obtained their log-in details for Lifemiles, Moreno would book travel for himself using his victim’s miles. He reportedly also was bold enough to sell “all inclusive” packages to third parties for cash, all the while booking such travel with miles from hacked accounts.
Frankly… I’m impressed at his ambition. Why? Because most reports of hacked accounts involve cashing out through Amazon gift cards and other massively sub-optimal uses of miles and points! 😉
Don’t let it happen to you
Having your loyalty programme accounts hacked is not fun. Here are some tips:
- Sign up for Award Wallet using the following upgrade coupon code – free-tvwmoe – and update your account balances regularly. The sooner you are aware of a hack, the sooner you can sort it out with the airline or hotel chain.
- Use complicated, one-off passwords for each different loyalty programme account. Since Award Wallet is keeping track of your passwords (as will your computer browser), there is no real need to stick with a single, easy-to-remember password across various accounts.
- Tip 2 does not apply to IHG Rewards Club, which insists upon an easy-to-force-hack 4-digit PIN number. At least try to avoid publishing your account number online, or throwing away account statements, hotel receipts, etc.
- Airlines and hotel chains will never e-mail you to ask you to reset your password. Legitimate emails should also be addressed to you personally, not to “Dear Member”. Most emails regarding promotions should be legitimate, but you can always click on the links provided on Inside Flyer UK – we promise that we’re not phishing!
Have you ever been hacked? Does Jaime’s exploit fill you with admiration or scorn?