Skip to content
Tech News
← Back to articles

Going the Extra Mile: Travel Rewards Turn into Underground Currency.

2026-03-12 | original
read original get Travel Rewards Gift Card → more articles
Why This Matters

The underground trade of travel rewards highlights a significant cybersecurity threat that impacts both consumers and the travel industry. As loyalty points are increasingly exploited and monetized by cybercriminals, it underscores the need for stronger account security and industry vigilance to prevent substantial financial losses and protect consumer assets.

Key Takeaways

Airline miles were designed as rewards, however, in cybercrime markets, they are inventory. In many cases, the theft begins with credential compromise and ends with miles quietly converted into flights and hotel stays.

Flare researchers analyzed hundreds of posts from underground communities, which at first glance appear to be scattered account abuse but instead resemble a steady commercial trade in travel rewards - priced, negotiated, and monetized like commodities.

Loyalty fraud rarely appears in official crime dashboards as its own category. However, according to a Reuters article, industry estimates suggest that fraudulent reward redemptions across travel and retail ecosystems annually cost between $1-$3 billion USD in monetary losses to victims.

The Full Fraud Cycle - Turning Rewards into Revenue

The monetization model is straightforward and follows four stages:

Full fraud cycle

Gain control over a loyalty account: In many cases this is achieved by another threat actor, usually a more technical one who deploys malware such as infostealers or phishing or brute force into these accounts. This access is usually sold to a fraudster. Identifying valid miles and travel accounts: In this stage, the threat actor identifies valid accounts, usually with email access to increase the chances the fraud succeeds and advertises this as inventory in Telegram groups. Redeem miles for legitimate travel: After finding a potential customer, the fraudster will redeem the points or miles into a saleable commodity, usually a flight ticket or hotel accommodation. Resell the booking at a discount: In some cases, this commodity is resold in social media as a discounted airline ticket or accommodation.

Threat actors redeem miles for legitimate flights or hotel stays and resell those bookings at discounted rates.

Once the travel is completed, chargeback by the victim becomes difficult because the points or miles were already converted into real-world commodities.

Monitor Travel Fraud Across Cybercrime Markets Flare tracks underground Telegram channels where fraudsters trade compromised airline miles, hotel points, and loyalty credentials. Discover how our threat intelligence helps organizations detect account compromise before rewards are drained. Learn More About Flare

... continue reading

Explore topics: airline miles underground markets loyalty fraud cybercrime travel rewards
Related:
Police sinkholes 45,000 IP addresses in cybercrime crackdown
US charges another ransomware negotiator linked to BlackCat attacks
US and EU police shut down LeakBase, a site accused of sharing stolen passwords and hacking tools
Police arrests 651 suspects in African cybercrime crackdown
Microsoft disrupts cybercrime-as-a-service platform tied to $40M in fraud

© 2026 GoKawiil

About | Editorial Policy | Contact