AMEX Reward Pts Hacked

Cruiser Elite said:
So here is first fraudulent transaction on Nov 29:
View attachment 342751
When I logged in on Aug 30 and saw this I imm contacted AMEX and alerted them. After a considerable time on phone with first agent I was finally put through to fraud team who requested I imm change Login and Password details which I did. A subsequent call back on Sep 1 from fraud team advised me they were still investigating but pts would be returned to my account.

I logged in on Sep 3 and saw this:
View attachment 342752
I imm called AMEX and asked to be put through to fraud team - no you cannot do it that way you must waste 10 to 15 mins and explain whole scenario again to agent who then looks at it and after they are satisfied they put you through to fraud team. I finally get to talk to fraud team and they seriously sounded surprised this had happened again.

They were non committal and said they would investigate. A subsequent call back from first agent from 2nd call requested I again change Password to account - not Login again just Password which I did. I have followed up with another call yesterday Sep 7 and agent I spoke to said fraud team are still investigating. I told agent I want a full explanation in writing from fraud team as how these events could actually occu.

No points have been returned ATPIT - as to reason how this could happen I wait with bated breath 👍
Click to expand...
Have you followed up with checking if a DJs account has been made in your name?
Post automatically merged:

My guess is Foggu has the right answer. It’s nothing to do with your Amex login details probably.
 
Sponsored Post

Struggling to use your Frequent Flyer Points?

Frequent Flyer Concierge takes the hard work out of finding award availability and redeeming your frequent flyer or credit card points for flights.

Using their expert knowledge and specialised tools, the Frequent Flyer Concierge team at Frequent Flyer Concierge will help you book a great trip that maximises the value for your points.

This are from David Jones website, checkout page.

All you need is name and card details, and you will be able to view your amex points balance.
How is this even possible ? Where is the security from this ?

I am assuming, Why scammer not just use the card for spending ? because it will trigger fraud much quicker. so it is better scamming thru amex MR points, may be it wont trigger amex fraud security system, UNLESS the owner of the card notice their points has disappear.

Just my thoughts !



32a09154-cbcc-4bda-8b98-6ea6b70d3883.jpeg
 
I’m guessing this won’t last long and 2FA will be implemented shortly, with the system coming offline first in the next few weeks.
I’ve cross posted this info to some other groups, wonder if we’ll see how widespread this is.
Scary stuff
 
Latest convo with AMEX this morn I am informed ALL pts will be reinstated but can take 7 to 10 days. AMEX Fraud Team are still investigating but as evidenced by bbqwer’s post mine was not isolated case - indeed Agent I spoke to today advised he had just completed reinstatement of 4.8mil pts to another cardholders account - who knows the extent of these activities.

Finally they decide today I should replace card and it will be cancelled Wed morn when I am back from Bali - never a moment huh?
 
bbqwer said:
This are from David Jones website, checkout page.

All you need is name and card details, and you will be able to view your amex points balance.
How is this even possible ? Where is the security from this ?

I am assuming, Why scammer not just use the card for spending ? because it will trigger fraud much quicker. so it is better scamming thru amex MR points, may be it wont trigger amex fraud security system, UNLESS the owner of the card notice their points has disappear.

Just my thoughts !



View attachment 343127
Click to expand...

I guess someone has purchased a list of stolen credit details from a previous data breach on a third party website and realise this is a good hay to make hay while the sun shines. This is going to be an expensive problem for Amex/DJs, that's for sure. DJs really should be freezing all these transactions.
 
My guess is the frontline security people haven’t quite realised the ease, nor extent, of the issue.
 
oz_mark said:
The David Jones page does require the card security code, but perhaps you can brute force that
Click to expand...
Yeah, but that is relatively low security. A photo of the card would suffice. It doesn’t even need the ccv2 that Amex uses to book with a travel credit, which would at least need the back of the card.
It should use 2fa or something.
 
Cruiser Elite said:
Latest convo with AMEX this morn I am informed ALL pts will be reinstated but can take 7 to 10 days. AMEX Fraud Team are still investigating but as evidenced by bbqwer’s post mine was not isolated case - indeed Agent I spoke to today advised he had just completed reinstatement of 4.8mil pts to another cardholders account - who knows the extent of these activities.
Click to expand...
The amex lady I spoke this morning, i was assured my amex points will be return - one thing the lady said: It is a known issue amex face recently.

I just hope points come back asap, due to SQ devaluation is approaching!
 
Yes I also spoke to the Agent re transfer rate change date - I was assured all will be completed by then - I have little concern re this matter - AMEX aren’t going to screw customers because of their failings
 

Enhance your AFF viewing experience!!

From just $6 we'll remove all advertisements so that you can enjoy a cleaner and uninterupted viewing experience.

And you'll be supporting us so that we can continue to provide this valuable resource :)


Sample AFF with no advertisements? More..

Recent Posts

Currently Active Users

Total: 954 (members: 7, guests: 947)
Back
Top