Stolen Miles, Shattered Dreams: How Account Takeover Wreaks Havoc

Imagine this: You have elite frequent flyer status. You’ve spent years building up your miles, dreaming of that perfect vacation with your family. Then one day, your digital world crumbles. You can’t access your account. Your miles vanish. Your dream vacation turns into a nightmare.

This is exactly what happened to Steve.

For years, he’d been the airline’s dream client — clocking in countless hours and millions of miles. One day, Steve simply couldn’t access his frequent flyer account. He tried different passwords, different devices. Nothing. The customer service team could see his account, his miles, his upcoming trips — but couldn’t grant him access.

Little did Steve know, his credentials had been compromised. Each attempt to recover his account, each new password and verification email, only strengthened the grip of the hackers who now controlled his digital identity. By the time Steve reached a supervisor, the criminals had already changed emails and passwords — locking Steve out completely.

His account was gone. His miles plundered. His vacation dreams shattered.

How Common Is This?

Account takeover (ATO) is not new — and it’s growing. 2024 saw a 24% increase in ATO, resulting in more than $13 billion in losses in 2023. 75% of security experts rank ATO as one of their top four issues. Some estimates show nearly 77 million consumers experience something like what Steve did.

Many airlines, hotels, and rental companies don’t focus on account takeover or even check for compromised credentials to protect customer accounts. The airline could have been more diligent in checking whether Steve’s credentials had been compromised when the criminals changed his account details — effectively locking Steve out before he even knew something was wrong.

What Airlines Could Have Done

Credential screening at the moment of account change — when a password is reset, when contact information is updated — would have flagged the compromise before the takeover completed. Cybercriminals don’t care about loyalty or hard-earned rewards. They see only opportunity.

A proactive monitoring approach would have identified the threat in real time, triggering immediate action to secure the account and prevent the devastating loss. Don’t let this happen to your company or your customers.

Special Report

The mechanics of how email became the digital economy’s most consequential vulnerability, the case studies that should have changed everything, and what a continuous intelligence approach actually looks like — all documented in “The Lying Gatekeeper,” a special report from myNetWatchman.
