Loyalty fraud is the deceptive practice of stealing or misusing loyalty program rewards or points, or airline miles, often by way of account takeovers, the creation of fake accounts, or through loyalty point resale. With account takeovers malicious actors gain access to a user's loyalty program account and then abuse a member’s rewards. With fake accounts, fraudsters may create multiple accounts to accumulate points fraudulently or use fake identities to exploit promotional offers.
This type of fraud can affect airlines, hotels, retailers, and any other businesses offering loyalty rewards, with losses often amounting to millions.
Loyalty programs require account registration to help monitor, personalize, and protect customer activities. However, fraudsters can exploit these systems by creating fake accounts or gaining unauthorized access to legitimate accounts through email phishing, password cracking, or by buying stolen credentials on the dark web. Once inside, bad actors can manipulate transactions, transfer, redeem, or even sell rewards for personal profit, ultimately undermining the program’s integrity.
Common examples of loyalty fraud methods include the following:
Customer loyalty is essential to the success of online businesses, and effective fraud prevention is crucial to the longevity of loyalty programs. Loyalty fraud not only erodes customers’ trust in the safety of these programs, which discourages participation, but also drives up operational costs given the direct financial cost of fraudulent redemptions and the ongoing costs of fraud mitigation.