A friend of mine recently logged into her hotel loyalty program account and found a hotel booking that was totally unfamiliar to her. If this situation arises, what should you do?
1. Check for tell-tale signs that your account was hacked
The first thing that a hacker will try to do after accessing your account is to change the e-mail address and/or phone number. Check to see whether any changes have been made to your contact details. If they have –> your account has definitely been compromised.
Not only has your loyalty account been hacked, the hackers quite possibly also have access to your email account – since many people use the same password for multiple websites, this is far easier than it might seem – a smart hacker would have logged into your email account and deleted any e-mail confirmation before you could read it. Any criminal knows that the longer the victim is unaware –> the more likely they will get away with the crime.
You will also want to take a close look at the recent transactions listed on your account. Was this room booked using your points? If you have fewer points than you expect and/or this strange booking was made using your points –> your account has probably been compromised. The criminal might not even be the person listed as the primary or secondary guest; it could simply be an innocent third party who thought they were getting a bargain on a hotel stay from a legitimate-looking website. Some hackers exchange points for whatever quasi-cash they can get – Amazon vouchers, etc, – but some run a travel business based on stolen miles and points…
Do you have a credit card stored on your account? Was it used to make a cash booking? Look at the details of the room booking. You are unlikely to recognise the “secondary guest” listed, but you should be able to see whether it is your credit card being used as guarantee. If anything looks fishy, delete your stored credit card details and assume that your account has been compromised.
If anything looks off, change your password! And make it a hard one to hack!
If you are missing points, etc, then you’ll have to call the hotel chain loyalty program and explain what’s happening…
2. Consider whether to be nice and greedy at the same time
If you have made exhaustive checks of your account and nothing appears fishy, you might simply be looking at a question of human error. In that case, you might want to do nothing. Here’s why…
Is the booking at a hotel where you’ve stayed before? A hotel clerk might have accidentally pulled up the wrong customer file when making a reservation for a walk-in or direct-call guest. This is especially likely if the guest’s name is similar, but not necessarily identical to your own.
Have you recently called customer service for the hotel chain / loyalty program? Some customer service agents forget to properly close your account file before answering their next call. That next caller might just be the random guest listed on your rogue booking.
Or your account number might be very similar to the account number of the actual guest. A fat finger error, combined with a lazy / embarrassed agent, might mean nothing more than your loyalty program account number is attached to somebody else’s legitimate booking.
You first instinct might still be to “get rid of the rogue booking”. But before you do…
- You are probably cancelling a perfectly legitimate hotel booking, and somebody is going to arrive to a hotel to find that their reservation has been cancelled. Would you appreciate it if that happened to you, through no fault of your own?
- You might actually receive the points and elite status credit for this booking. If all looks safe, why not? 😀
3. Use Award Wallet
No… we aren’t paid by Award Wallet. Yes… we are aware that some readers might have an issue with one website holding all of your password details, despite their security protocols being far more secure than your password choices. But if you want to be made aware of strange things happening to your loyalty program accounts – but don’t have the time to log in frequently to each individual website – then Award Wallet is an excellent tool. The more often you click the “update all” button on Award Wallet, the quicker you will be informed of missing points, changed passwords, etc. Even in these no-travel COVID times, I still hit that button almost daily…
New users of AwardWallet who sign up with the coupon code insideflyer will get a free 6 month upgrade to AwardWallet plus. You can either use this link to sign up (it should prepopulate the coupon code), or you can add it in the box:
Have you ever received points for somebody else’s hotel booking or flight? Or discovered somebody else’s hotel booking in your account? Let us know your story in the comments section…