Scammers have a growing fondness for loyalty programmes

28 November, 2017

Fraudsters are increasingly targeting travel loyalty programmes, creating headaches for travel suppliers attempting to retain high value customers and creating risks for financial losses.


  • CyberSource and Airline Information research shows approximately 64% of survey respondents report increase in loyalty fraud in past 12 months.
  • Worryingly almost a quarter (23%) of respondents claim "significant" rise in loyalty fraud.
  • Around one in five companies claim fraud committed by travel agents among the top types they encounter.

New research conducted by CyberSource and Airline Information shows approximately 64% of 120 survey participants spanning airlines, hotel chains and other travel related businesses reported loyalty fraud had risen during the last 12 months, with 23% commenting instances of fraud had grown significantly.

Roughly 20% of the companies surveyed stated fraud committed by travel agents among the top types of fraud they encounter. Methods used by those agents include illicit collection of mileage on behalf of clients and redeeming miles while charging clients a full fare.

Loyalty programme account takeover was another form of fraud cited in the survey by 18% of respondents. This type of fraud occurs when a fraudster exploits a victim’s personal information to take control of an existing account or establish a new account, CyberSource concluded.

Fraudulent account takeovers are especially challenging for hospitality chains that allow customers to use loyalty programme credentials for mobile check-in. “A fraudster could use stolen credentials to pose as a customer and check into a room under false identity, running up a bill on the victim’s account,” warned CyberSource.

Compromised loyalty accounts are particularly challenging for the travel and hospitality industries, whose goals are to retain the best customers. “In highly competitive industries, customers are increasingly likely to take their business to a competitor if they believe defences have too many holes,” according the CyberSource report.

Businesses also stand to lose money from inappropriate redemptions of points or miles. The losses occur when a fraudster uses illicitly acquired miles for a free flight that could be sold at a premium, or when refunds are issued to customers that have been compromised.

Companies use a variety of metrics to gauge effects of loyalty fraud. Approximately 56% of the survey respondents measure cash value of redeemed tickets, stays or goods received for redemption. Other respondents, 52%, track the number of accounts compromised used to measure fraud.

Many businesses surveyed – 41% – opt to use internal automated tools to screen processes related to earning miles and points, and 43% use those type of tolls to monitor mile and point redemption processes. Few business utilise third party tools to track fraud in their loyalty programmes, and 54% of the CyberSource survey respondents stated they rely on review staff to manually screen mile and point earnings and 58% use staff to manually screen redemption.

Overall, 90% of the survey participants have been victim to loyalty fraud, leading CyberSource to conclude “there is clearly room to improve the effectiveness of fraud prevention”.