United Airlines and compensation. Preventing hacking of your frequent-flyer account.

By David Tykol
This item appears on page 2 of the March 2020 issue.
This is subscriber only post.
Get one year of online-only access — only $15!
Below is a sample of the article.
Please login or subscribe to ITN to read the entire post.
Stone gargoyle on the façade of the Nicholson Museum in Sydney, Australia, founded in 1860. The museum holds 30,000 archaeological artifacts from Egypt, Greece, Italy, Cyprus and the Mideast.

Dear Globetrotter:

Welcome to the 529th issue — our 44th Anniversary — of your monthly foreign-travel magazine. With this issue, we start our 45th year. (I got a little ahead of myself when, in last month’s column, I said we had completed “45 full years.”)

While I’ve got you looking back and looking forward, Where Were You in 2019? If you haven’t yet sent us your list of countries visited last year, you’ve got only a few weeks left to do so. March 31st is the deadline, at which time we’ll hold drawings to determine which participants are the prizewinners. Their names — and the country-count results — will be announced here in our June 2020 issue.

So, if you are an ITN subscriber, take a second to send us a list of all the nations you visited outside of your own country anytime in 2019. Email editor@intltravelnews.com or write to Where Were You in 2019?, c/o ITN, 2116 28th St., Sacramento, CA 95818. Include your postal address.

The country counts help us attract potential advertisers. ITN is a collaborative effort, and a quick email or postcard from you will provide positive support. Zip one off to us.

I’ve got a few items to share.

In January, United Airlines revealed that it will no longer “proactively” offer compensation to passengers when their plane is delayed by fewer than six hours (due to mechanical problems or crew issues, etc., but not weather delays). The compensation offered was typically small-value flight vouchers or food vouchers to be used in the airport.

Right now, some of you may be saying to yourselves, “United was proactively offering compensation for delayed flights!?” It seems they did have such a policy, and, according to a spokesperson for the airline, it has been changed “based on feedback we’ve received.”

This does not mean that United will no longer provide compensation after delays, only that each passenger must ask for it, and the amount of compensation, if any, will be entirely up to the discretion of the customer service person. (If you feel an extended delay warrants recompense, a strategy of being polite and patient with the agent might work to your advantage.)

As for the related policies of some other US airlines, United’s revised approach brings it in line with that of Delta Air Lines, which does not offer compensation unasked, while American Airlines agents currently will offer compensation to passengers without being asked.

However, while American will seek out passengers to offer them compensation, the minimum length of the flight delay required for that to happen and the amount or type of compensation to be offered is not revealed, unlike with jetBlue, which lists delay lengths and the associated compensation owed for each on their website (visit www.jetblue.com/customer-assurance/cancellations-delays and scroll down to “Compensation”).

In my January column, I passed along a warning from Forbes magazine telling frequent-flyer-program members to not leave their printed boarding passes behind (not even in the trashcan), since each includes the member’s name, booking-reference number and frequent-flyer number — “all that a thief needs in order to break into someone’s frequent-flyer account and steal the member’s miles.”

However, as ITN subscriber Gary Koenig of Albany, California, pointed out, I neglected to mention one other thing that a thief would need in order to steal your miles: a password. Your frequent-flyer-account password can be discovered in a variety of ways, however.

One way that people set themselves up to be victimized is by using the same password across multiple sites. When you reuse a password, it may be easier to remember, but if the password of even one account is exposed — such as when a bank’s entire database is leaked — then every account with that password becomes vulnerable. It’s important that you use a different password for each of your online accounts.

Another technique commonly used to steal passwords is phishing. In a phishing scheme, an email masquerading as an official email from a company, say, United Airlines, is sent to customers (in this case, frequent-flyer program members) to request account information.

The more basic of these phishing attempts will simply ask someone to send his information in a reply to the email (do NOT reply), while a more sophisticated attempt will provide a link to a log-in page that looks exactly like the log-in page on the company’s legitimate website. Once the victim has clicked on the link and typed in his user name and password, those are now in the hands of the thieves.

The way to prevent that kind of attack is to never follow a link in a suspicious email. If you believe an email is fraudulent, you can visit the website of the actual company that the email is purportedly from, log in to your account there and see if the issue reported in the email is present in your account.

Further, websites of many major companies have the option to report a suspicious email, with instructions on the site.

Or, if you can find the company’s email address, you can forward the suspicious email to them directly and ask if it came from them or is a phishing email. Just do NOT click on the link in the suspicious email.

Getting back to those printed boarding passes with your frequent-flyer account details, thieves can also attempt a password reset on your account by using information mined from your social media. (Dog’s name? Where you went to high school? Mother’s maiden name? A lot of people post these things on their social media pages.) Granted, this is a more difficult trick to pull off than using exposed information or phishing, but it’s been done.

In his letter, Mr. Koenig theorized that methods such as the ones described above could be used to steal passwords, and he warned that people using easy-to-guess passwords are also at risk of having their accounts hacked. His solution is to use very long passwords (not to mention a shredder).

Again referring to my January column, in particular my report about visitors to China now being able to provide credit card information in order to use smartphone apps to pay for products and services there, Gary Koenig went on to write, “I found the bit about China and electronic payments very interesting.

“However, I can’t imagine that I would want to upload all of my personal information to a server in a country not known for ethical behavior just so I can spend money there. For me, China drops way down on the ‘to be visited’ list because of that.”

A lesson in remaining optimistic —

ITN subscribers Michael J.E. Burge and his wife, Evelyn, of Ventura, California, had their travel agent book an around-Australia cruise aboard the MS Regatta for Dec. 6, 2019-Jan. 6, 2020, their second journey with Oceania Cruises (Miami, FL; 855/331-9612).

While making the reservations, they learned that for transfers between the Sydney airport and the ship — a 10-mile ride — the cruise line would charge $109 per person each way. (Transfer costs for each itinerary are shown on the website, www.oceaniacruises.com, during the booking process.)

In a letter mailed to the cruise line in March 2019, Mr. Burge noted, “We cannot afford a transfer charge of $436 for the two of us, round trip,” and he requested a reduction in the transfer cost. Having received no response by August, Mr. Burge had their travel agent, Deborah Deming of FROSCH Classic Cruise & Travel (Woodland Hills, CA; 800/563-2238), call the cruise line.

She did so, and the resulting letter explained, in part, that the reason for the high transfer costs is that Oceania contracts with insured and vetted drivers, which can result in higher fares. While the Burges were offered a $200 onboard credit, they decided not to use the ship’s transfer service.

After the cruise, Mr. Burge called ITN to report how they did on their independent airport/ship transfers.

After working their way through the Sydney airport, Michael and Evelyn bypassed the shuttle desks inside and simply walked out to the curb where SuperShuttles* were waiting. They climbed into one, and when it was full of riders, it took everyone to the ship at a cost of AUD20 (near $13.50) per person.

At the end of the cruise, for the return ride from the port to the airport, they ended up using one of the waiting taxis. For the two of them, the cab ride cost AUD45.

*Unfortunately, SuperShuttle, the 30-year-old airport-shuttle service operating in 17 countries, including the US, ceased operations worldwide on Dec. 31, 2019.

Regarding Yvonne Michie Horn’s feature in the February 2020 issue (page 6), Susan Greek of Corona, California, wrote, “I was very happy to see an article about ElderTreks’ China Silk Road tour because I took that trip about four years earlier when it was first offered, and I wanted to compare my thoughts about it with this author’s.

“One site that she didn’t mention was the Mogao Caves, near Dunhuang, which I considered to be one of the highlights of the trip. However, I was happy to see her description of the small cave in Jiayuguan. It is barely mentioned in guidebooks, and I found its painted tiles enchanting.

“But the real reason I enjoyed the article was she mentioned that her tour leader, Nitin Dhami, was named one of 2019’s top three tour guides in the world by Wanderlust magazine. I have traveled with Nitin at least eight times, including to Africa in 2019, and he certainly deserves the recognition.”

Don’t forget to write in: Where Were You in 2019?

 

Please login or subscribe to ITN to read the entire post.
Stone gargoyle on the façade of the Nicholson Museum in Sydney, Australia, founded in 1860. The museum holds 30,000 archaeological artifacts from Egypt, Greece, Italy, Cyprus and the Mideast.

Dear Globetrotter:

Welcome to the 529th issue — our 44th Anniversary — of your monthly foreign-travel magazine. With this issue, we start our 45th year. (I got a little ahead of myself when, in last month’s column, I said we had completed “45 full years.”)

While I’ve got you looking back and looking forward, Where Were You in 2019? If you haven’t yet sent us your list of countries visited last year, you’ve got only a few weeks left to do so. March 31st is the deadline, at which time we’ll hold drawings to determine which participants are the prizewinners. Their names — and the country-count results — will be announced here in our June 2020 issue.

So, if you are an ITN subscriber, take a second to send us a list of all the nations you visited outside of your own country anytime in 2019. Email editor@intltravelnews.com or write to Where Were You in 2019?, c/o ITN, 2116 28th St., Sacramento, CA 95818. Include your postal address.

The country counts help us attract potential advertisers. ITN is a collaborative effort, and a quick email or postcard from you will provide positive support. Zip one off to us.

I’ve got a few items to share.

In January, United Airlines revealed that it will no longer “proactively” offer compensation to passengers when their plane is delayed by fewer than six hours (due to mechanical problems or crew issues, etc., but not weather delays). The compensation offered was typically small-value flight vouchers or food vouchers to be used in the airport.

Right now, some of you may be saying to yourselves, “United was proactively offering compensation for delayed flights!?” It seems they did have such a policy, and, according to a spokesperson for the airline, it has been changed “based on feedback we’ve received.”

This does not mean that United will no longer provide compensation after delays, only that each passenger must ask for it, and the amount of compensation, if any, will be entirely up to the discretion of the customer service person. (If you feel an extended delay warrants recompense, a strategy of being polite and patient with the agent might work to your advantage.)

As for the related policies of some other US airlines, United’s revised approach brings it in line with that of Delta Air Lines, which does not offer compensation unasked, while American Airlines agents currently will offer compensation to passengers without being asked.

However, while American will seek out passengers to offer them compensation, the minimum length of the flight delay required for that to happen and the amount or type of compensation to be offered is not revealed, unlike with jetBlue, which lists delay lengths and the associated compensation owed for each on their website (visit www.jetblue.com/customer-assurance/cancellations-delays and scroll down to “Compensation”).

In my January column, I passed along a warning from Forbes magazine telling frequent-flyer-program members to not leave their printed boarding passes behind (not even in the trashcan), since each includes the member’s name, booking-reference number and frequent-flyer number — “all that a thief needs in order to break into someone’s frequent-flyer account and steal the member’s miles.”

However, as ITN subscriber Gary Koenig of Albany, California, pointed out, I neglected to mention one other thing that a thief would need in order to steal your miles: a password. Your frequent-flyer-account password can be discovered in a variety of ways, however.

One way that people set themselves up to be victimized is by using the same password across multiple sites. When you reuse a password, it may be easier to remember, but if the password of even one account is exposed — such as when a bank’s entire database is leaked — then every account with that password becomes vulnerable. It’s important that you use a different password for each of your online accounts.

Another technique commonly used to steal passwords is phishing. In a phishing scheme, an email masquerading as an official email from a company, say, United Airlines, is sent to customers (in this case, frequent-flyer program members) to request account information.

The more basic of these phishing attempts will simply ask someone to send his information in a reply to the email (do NOT reply), while a more sophisticated attempt will provide a link to a log-in page that looks exactly like the log-in page on the company’s legitimate website. Once the victim has clicked on the link and typed in his user name and password, those are now in the hands of the thieves.

The way to prevent that kind of attack is to never follow a link in a suspicious email. If you believe an email is fraudulent, you can visit the website of the actual company that the email is purportedly from, log in to your account there and see if the issue reported in the email is present in your account.

Further, websites of many major companies have the option to report a suspicious email, with instructions on the site.

Or, if you can find the company’s email address, you can forward the suspicious email to them directly and ask if it came from them or is a phishing email. Just do NOT click on the link in the suspicious email.

Getting back to those printed boarding passes with your frequent-flyer account details, thieves can also attempt a password reset on your account by using information mined from your social media. (Dog’s name? Where you went to high school? Mother’s maiden name? A lot of people post these things on their social media pages.) Granted, this is a more difficult trick to pull off than using exposed information or phishing, but it’s been done.

In his letter, Mr. Koenig theorized that methods such as the ones described above could be used to steal passwords, and he warned that people using easy-to-guess passwords are also at risk of having their accounts hacked. His solution is to use very long passwords (not to mention a shredder).

Again referring to my January column, in particular my report about visitors to China now being able to provide credit card information in order to use smartphone apps to pay for products and services there, Gary Koenig went on to write, “I found the bit about China and electronic payments very interesting.

“However, I can’t imagine that I would want to upload all of my personal information to a server in a country not known for ethical behavior just so I can spend money there. For me, China drops way down on the ‘to be visited’ list because of that.”

A lesson in remaining optimistic —

ITN subscribers Michael J.E. Burge and his wife, Evelyn, of Ventura, California, had their travel agent book an around-Australia cruise aboard the MS Regatta for Dec. 6, 2019-Jan. 6, 2020, their second journey with Oceania Cruises (Miami, FL; 855/331-9612).

While making the reservations, they learned that for transfers between the Sydney airport and the ship — a 10-mile ride — the cruise line would charge $109 per person each way. (Transfer costs for each itinerary are shown on the website, www.oceaniacruises.com, during the booking process.)

In a letter mailed to the cruise line in March 2019, Mr. Burge noted, “We cannot afford a transfer charge of $436 for the two of us, round trip,” and he requested a reduction in the transfer cost. Having received no response by August, Mr. Burge had their travel agent, Deborah Deming of FROSCH Classic Cruise & Travel (Woodland Hills, CA; 800/563-2238), call the cruise line.

She did so, and the resulting letter explained, in part, that the reason for the high transfer costs is that Oceania contracts with insured and vetted drivers, which can result in higher fares. While the Burges were offered a $200 onboard credit, they decided not to use the ship’s transfer service.

After the cruise, Mr. Burge called ITN to report how they did on their independent airport/ship transfers.

After working their way through the Sydney airport, Michael and Evelyn bypassed the shuttle desks inside and simply walked out to the curb where SuperShuttles* were waiting. They climbed into one, and when it was full of riders, it took everyone to the ship at a cost of AUD20 (near $13.50) per person.

At the end of the cruise, for the return ride from the port to the airport, they ended up using one of the waiting taxis. For the two of them, the cab ride cost AUD45.

*Unfortunately, SuperShuttle, the 30-year-old airport-shuttle service operating in 17 countries, including the US, ceased operations worldwide on Dec. 31, 2019.

Regarding Yvonne Michie Horn’s feature in the February 2020 issue (page 6), Susan Greek of Corona, California, wrote, “I was very happy to see an article about ElderTreks’ China Silk Road tour because I took that trip about four years earlier when it was first offered, and I wanted to compare my thoughts about it with this author’s.

“One site that she didn’t mention was the Mogao Caves, near Dunhuang, which I considered to be one of the highlights of the trip. However, I was happy to see her description of the small cave in Jiayuguan. It is barely mentioned in guidebooks, and I found its painted tiles enchanting.

“But the real reason I enjoyed the article was she mentioned that her tour leader, Nitin Dhami, was named one of 2019’s top three tour guides in the world by Wanderlust magazine. I have traveled with Nitin at least eight times, including to Africa in 2019, and he certainly deserves the recognition.”

Don’t forget to write in: Where Were You in 2019?