Our loyalty fraud team recently partnered with Dark Web expert and Director of Security Research Jason B. Lancaster at SpyCloud to take a deeper dive into the Dark Web. As part of our loyalty fraud prevention series, this blog post will cover: the Dark Web Market, how fraudsters are selling rewards points and miles on the Dark Web, and what happens to member data after a breach has occurred.
It’s no secret that fraud is prevalent on the internet, from phishing scams to loyalty account takeovers. But what happens after a fraudulent loyalty account takeover? To start, hackers often take to the Dark Web, the often seedy underbelly of the internet where they can auction off stolen loyalty account logins, points and miles, even merchandise that they’ve fraudulently redeemed.
How much could a single instance of rewards program fraud cost your brand? The hard costs (replacing stolen points and miles) may be clear, but the hidden costs (negative word of mouth, lost customers) may be harder to calculate.
A Fortune 500 community bank nearing its 150-year anniversary has hundreds of billions of dollars in assets and operates thousands of financial centers across several states.
Fraudsters are focused on loyalty accounts for two primary reasons: rewards accounts are a high-value item (worth $48 billion in the U.S. alone), and most rewards accounts have a relatively low security threshold, making them an easier target than traditional bank accounts.
Airlines with frequent flier programs are focused on customers and profits. Profitability can come from a variety of revenue streams: better margins, higher attachment rates or more redemption options that incentivize members to earn and burn points.
Loyalty program members, especially those in the financial services industry, expect those companies to guard their personal information in the most robust way possible. And while 72 percent of loyalty program managers report experiencing fraud, many are challenged to build a case internally for this type of protection.
Economists report there is currently $238 billion dollars’ worth of loyalty currency in accounts that is vulnerable to hackers. This high value, relatively lower security and less protection (especially compared to bank accounts) makes loyalty and rewards accounts a prime target for hackers and thieves.
Rewards and frequent flier programs carry massive monetary value for airlines. A strong travel rewards program increases customer loyalty while generating revenue. But, if your rewards member base isn’t growing or points and miles aren’t being spent, it may be time to look for a new provider.