QFF Account Scammed

Status
Not open for further replies.
S

SeekingInfo

Junior Member
Joined
Dec 11, 2014
Posts
17
Hi all,
My QFF Account was scammed last night (Sunday night) - 190,000 points were taken to purchase 10 Digital Gift Cards.
I received a text from Qantas Shopping Rewards Store - contact 1300 662 859 and 3 Reference numbers (245777, 245778 and 245779). I had no idea what this was and after logging into Qantas Shopping site - I could see right in front of my eyes - 10 Digital Gift Cards being ordered @19,000 points each. The Order Status said "In Process" - I could not cancel the order, there was no-one to call (not open on Sundays) -I had to wait until 7am Monday morning to report the scam. It is really disgraceful how much Fraud is going on in this world.
 
Have had it happen to me as well.

You'll no doubt have to provide a witnessed statement that you did not authorise the transfers and the points shouldn't take too long to come back. If someone has managed to get into your QFF account I would also consider changing email account passwords, as well as the QFF account details. In my case at least, this was the method they attacked from.
 
samh004 said:
Have had it happen to me as well.

You'll no doubt have to provide a witnessed statement that you did not authorise the transfers and the points shouldn't take too long to come back. If someone has managed to get into your QFF account I would also consider changing email account passwords, as well as the QFF account details. In my case at least, this was the method they attacked from.
Click to expand...

Thanks. Did all that this morning with the QFF agent. They need to introduce the code verification when there is activity on an account - this way, you would be alerted and possibly have a function where you opt to decline the process - in cases of Fraud.
 
SeekingInfo said:
Thanks. Did all that this morning with the QFF agent. They need to introduce the code verification when there is activity on an account - this way, you would be alerted and possibly have a function where you opt to decline the process - in cases of Fraud.
Click to expand...
They already have 2FA to get into account settings, but I am unsure if this extends to redemptions or not?
 
Even on standard log-in you still need to provide your PIN. Not sure how a scammer could get this from any email randomly accessed or left somewhere??

Regards,

BD
 
The Fraud was on Qantas Shopping Rewards - I think if you are making a purchase, you should be able to get an alert or verification code or something - to confirm that it is you who is doing the purchase. How much more protection do we need? It is getting ridiculous with all this Cyber Crime - in Australia at least.
 
Thanks ChrisMars - great article. Yes I went through all that this morning - just need to get a Stat Dec signed and return to Qantas. I took a screen shot of the Shopping site and it is not my email.
I felt helpless watching the order Status "In process" and then change to "Shipped" - This is where they need to add a security code verification - so that we can inform Qantas if it the member ordering.
 
The one good thing about redemptions taking ages to arrive is if you get scammed at least they have a better chance to stop.it being sent out
 
SeekingInfo said:
Thanks ChrisMars - great article. Yes I went through all that this morning - just need to get a Stat Dec signed and return to Qantas. I took a screen shot of the Shopping site and it is not my email.
I felt helpless watching the order Status "In process" and then change to "Shipped" - This is where they need to add a security code verification - so that we can inform Qantas if it the member ordering.
Click to expand...
I had a very similar experience with my AA account a few years ago.Logged into my account to see that I was in the process of getting an award flight.Immediately rang the AA Sydney office and changed my password and email back to the original.Told I may still see the award flight in my bookings for a while but points returned in 24 hours.Hopefully there were going to track the perpetrator.
 
drron said:
I had a very similar experience with my AA account a few years ago.Logged into my account to see that I was in the process of getting an award flight.Immediately rang the AA Sydney office and changed my password and email back to the original.Told I may still see the award flight in my bookings for a while but points returned in 24 hours.Hopefully there were going to track the perpetrator.
Click to expand...
I expect someone waiting at the boarding gate for the "passenger". Booking an award flight is a little hard to remain anonymous!
 
NM said:
I expect someone waiting at the boarding gate for the "passenger". Booking an award flight is a little hard to remain anonymous!
Click to expand...
That was exactly my hope.But it may have turned out to be some poor sod who bought a cheap ticket from a dodgy agent.
PS-what I couldn't understand was that they hadn't changed my password before trying for the award.
 
Struggling to Redeem Your Frequent Flyer Points?
The Frequent Flyer Concierge team takes the hard work out of finding reward seat availability. Using their expert knowledge and specialised tools, they'll help you book a great trip that maximises the value for your points.

AFF Supporters can remove this and all advertisements

That answers my question..;)

Australian Public Service.
I work in Cyber security and there's been discussion on various industry forums that quite a few high-level APS execs have been targeted through various means in attempts to drain QFF accounts recently. Just curious if perhaps this was related.
 
drron said:
what I couldn't understand was that they hadn't changed my password before trying for the award.
Click to expand...
Few reasons why an attacker wouldn't change your password:
  • Often, online systems will send an email when the password is changed, specifically to alert you to fraud. Not changing means this email isn't sent out, possibly delaying detection of the fraud
  • Depending on how you use your account, you might not notice the points redemption, but could notice a password change right away. The less you do, the less chance you have of getting caught by the account holder.
  • They don't care about access to your account anymore once they've drained it.
 
I purchased from KrisShop today using points (rather than losing them all). At the time of payment, a 6-digit code was sent to my phone before the transaction could proceed. A similar system with Qantas should stop fraudulent use surely?
 
Exactly my thoughts!! Qantas has security in place when logging onto QFF Account - why can't they do the same on their Shopping Site? Maybe after all these fraudulent actions, they will do something.
 
Status
Not open for further replies.

Enhance your AFF viewing experience!!

From just $6 we'll remove all advertisements so that you can enjoy a cleaner and uninterupted viewing experience.

And you'll be supporting us so that we can continue to provide this valuable resource :)


Sample AFF with no advertisements? More..

Recent Posts

Currently Active Users

Total: 675 (members: 43, guests: 632)
Back
Top