Stolen Frequent Flyer Miles for Sale on the DarkNet

S. passes along an article about CipherCracks, an individual online selling stolen miles dirt cheap.

Dark net marketplaces like Agora and Evolution (where CipherCracks plies his trade) are known mostly for selling drugs, guns and counterfeit money. You can also find bomb materials, porn and hacked credit cards. But CipherCracks is proof that there are also more mundane things for sale on these illicit sites, which attract sellers who want to remain anonymous.

The piece says he deals in “SouthWest, Delta, American, and United” although here’s his ad on reddit for Hilton HHonors points where he notes that American miles are ‘temporarily unavailable’ (perhaps their fraud detection got too good).

Apparently this guy sells points from hacked Gamestop accounts, too. And porn.

Here’s How it Works

What’s being sold are airline accounts that have been “load[ed up] with stolen miles from other people’s frequent flier accounts.” Buyers get the account’s user name and password, and are advised to use the miles for gift cards mostly and not for airfare.

If you buy airline tickets with the stolen miles, you give your real name and you’re usually redeeming for something in the future, which means your redemption may be cancelled. And you may get caught. And they know exactly where you will be, boarding a specific flight at a specific airport at a specific time.

When Priority Club (now IHG Rewards Club) had a glitch that allowed members to mine almost an unlimited number of points for their accounts via web scripts, those who made out the best before getting their accounts shut down redeemed the points instantly — for electronic gift cards, that were then used immediately for merchandise. Naturally those making hotel bookings in the future with their points had those reservations cancelled. Even those using the points to book airline tickets had the tickets cancelled.

Here’s How Cheap the Miles Are, But..

Selling miles through brokers, a practice I recommend against, you may get about a a penny a point for your miles. These are legitimately your miles you’re giving access to.

In contrast, stolen miles scams value miles at much less — perhaps as little as 1/25th of a cent per mile.

CipherCracks sells 750,000 miles for just $300. Shoppers get a drop-down menu and can buy between 50,000 and 1 million miles, and pay in bitcoin.

Despite the low low prices, don’t expect to be able to arbitrage between buying stolen miles on the darknet and selling them to brokers. As the article mentions, brokers are loathe to touch these miles since it’s too risky, brokers don’t want the increased risk of having their flying clients’ tickets cancelled. The miles just aren’t worth enough to them.

Anyway, this exists.

Related:


About Gary Leff

Gary Leff is one of the foremost experts in the field of miles, points, and frequent business travel - a topic he has covered since 2002. Co-founder of frequent flyer community InsideFlyer.com, emcee of the Freddie Awards, and named one of the "World's Top Travel Experts" by Conde' Nast Traveler (2010-Present) Gary has been a guest on most major news media, profiled in several top print publications, and published broadly on the topic of consumer loyalty. More About Gary »

More articles by Gary Leff »

Comments

  1. This really just further backs up my point that miles are more of a currency and much less of anything to do with travel. If the miles were ONLY allowed to be used for travel, the airlines wouldn’t have this issue, as proper ID would theoretically be checked.

  2. Is this supposed to be a “public service” message? Or are we just putting it “out there” – since you know: “Who’s to judge?” That would be a rather sad comment on the state of this “hobby”…

  3. I would enjoy reading an article about those people being sentenced to prison and given an abacus to play with during the next seven years. This is crime, and should be dealt with accordingly.

  4. I talked to a guy on FT that sold me some miles from darknet. I remember paying $400 for 160k UA miles 2 years ago, and he pocketed some from that for sure. I redeemed for 2 one way first class tickets for a couple of colleagues. Not a single problem. He obviously told me that it was risky and I was prepared for it with alternative cancel-able reservations. Afaik the same guy still sells miles on FT

  5. OK so I’ll bite… At 750K miles for $300, how much is this worth in gift cards? And on a related note, why isn’t the seller out buying stereos, clothes and all sort of other stuff with the miles. You’d think he’d be livin large with all the merch he could buy with said miles or even selling the stuff on eBay.

  6. Nick that’s the point of Darknet, folks arent supposed to know about it. It aint exactly Google (although ironically enough Google does manage to cache some of it — but do you see it, well that’s a whole another Q)

    Jonathan, usually miles are worth atleast 1c when redeemed for GCs and such. So that could result in about $7.5k in GCs when liquidated. Obviously you wouldnt cash em out all at once, cause that’s gonna be flagged and look hella suspicious. But a lil bit every now and then as you drain down your newly inherited account.

    Ivan – what’s your ID on FT? Would like to PM you, thanks!

  7. I need to buy some avianca miles.i will be glad if you can hook up so we do some business.

  8. People are seriously posting email addresses in a public forum advertising that they are willing to buy stolen miles from someone on the DarkNet?

Comments are closed.