Fraud on Velocity Frequent Flyer accounts
- Thread starter bluemelbs
- Start date
- Joined
- Oct 19, 2013
- Posts
- 415
- Qantas
- Platinum
- Virgin
- Platinum
- Oneworld
- Emerald
And a very good reason to only use 4G, 5G, or a solid VPN at any airport, or shopping centre world wide.
dizz
Junior Member
- Joined
- Apr 7, 2023
- Posts
- 16
Add me to the list :'(
Here's another data point for the thread:
Email at 6:53am saying 'Your Redemption was Successful.' Definitely hadn't made any redemptions recently and upon checking my points activity saw 2x 51200 points redemptions for flights between Lagos and Doha.
Called the velocity number and was told they didn't open til 8AM. (Changed password in the meantime).
Called back at 8AM and spoke with Eugene.
Went through the confirmations, then he asked if I had another email address to add to the account for them to contact me. Not sure why.
He asked me a few questions, including 'Do any family members or anyone else have access to our account?' (No) and
'Have you connected to any public Wi-Fi in recent months?' (Yes, stayed at an Accor hotel night before last. Interesting that they've got that as a default question...)
He then asked ' do you recognize these names? Akim Hassan or Julius Oekemni (sp?)?' (No)
Was advised my account would be placed under investigation and he would transfer me to a supervisor.
Transferred to Supervisor Patrick after a short hold while Eugene briefed him.
Patrick asked again about any others having access to my account. And then asked whether I had authorized anyone to use my points for a booking between Doha and Lagos. (No)
Read through and confirmed the personal details on my account were still accurate/unchanged (Yes)
He then jumped to a script very similar to the emails posted above - systems alerted to suspicious activity. Account placed under investigation, etc.
Advised no access to the account and that the team would contact me within 30 days.
He said he'd be calling the investigative team immediately after our call to get them to start an investigation but they couldn't provide any details of the investigation while it was happening.
I asked if they'd be cancelling those fraudulently created bookings but was met with a rather vague 'I'll be contacting the investigations team straight after this call. We're going to look into this for you.'
Pretty rough start to the day.
Am a lowly Red, but with a switch of family pooling for our next flight I was just going to scrape into Silver for the first time. Looks like I'll kiss that goodbye.
Here's another data point for the thread:
Email at 6:53am saying 'Your Redemption was Successful.' Definitely hadn't made any redemptions recently and upon checking my points activity saw 2x 51200 points redemptions for flights between Lagos and Doha.
Called the velocity number and was told they didn't open til 8AM. (Changed password in the meantime).
Called back at 8AM and spoke with Eugene.
Went through the confirmations, then he asked if I had another email address to add to the account for them to contact me. Not sure why.
He asked me a few questions, including 'Do any family members or anyone else have access to our account?' (No) and
'Have you connected to any public Wi-Fi in recent months?' (Yes, stayed at an Accor hotel night before last. Interesting that they've got that as a default question...)
He then asked ' do you recognize these names? Akim Hassan or Julius Oekemni (sp?)?' (No)
Was advised my account would be placed under investigation and he would transfer me to a supervisor.
Transferred to Supervisor Patrick after a short hold while Eugene briefed him.
Patrick asked again about any others having access to my account. And then asked whether I had authorized anyone to use my points for a booking between Doha and Lagos. (No)
Read through and confirmed the personal details on my account were still accurate/unchanged (Yes)
He then jumped to a script very similar to the emails posted above - systems alerted to suspicious activity. Account placed under investigation, etc.
Advised no access to the account and that the team would contact me within 30 days.
He said he'd be calling the investigative team immediately after our call to get them to start an investigation but they couldn't provide any details of the investigation while it was happening.
I asked if they'd be cancelling those fraudulently created bookings but was met with a rather vague 'I'll be contacting the investigations team straight after this call. We're going to look into this for you.'
Pretty rough start to the day.
Am a lowly Red, but with a switch of family pooling for our next flight I was just going to scrape into Silver for the first time. Looks like I'll kiss that goodbye.
- Joined
- Mar 1, 2019
- Posts
- 2,651
- Qantas
- Silver Club
- Virgin
- Platinum
- Oneworld
- Sapphire
You should be able to block any rewards made that say for example don't originate from Australia or that DO originate from middle east etc etc,
Some form of blocking of making bookings from places you personally wouldn't really book.
An extra layer of security to avoid these scenarios where Velocity members are locked out of their accounts & hassled for 30 days.
Even maybe any booking over say 50,000 points to have some sort of confirmation from the actual member.
maybe this a very small quilt of members being scammed, but why not take further precautions or at least give that option to members.
I do worry about being scammed as have plenty points. Nothing you can do to protect yourself....change password each week, would that even matter, how are the scammers getting in anyway? unknown?
Some form of blocking of making bookings from places you personally wouldn't really book.
An extra layer of security to avoid these scenarios where Velocity members are locked out of their accounts & hassled for 30 days.
Even maybe any booking over say 50,000 points to have some sort of confirmation from the actual member.
maybe this a very small quilt of members being scammed, but why not take further precautions or at least give that option to members.
I do worry about being scammed as have plenty points. Nothing you can do to protect yourself....change password each week, would that even matter, how are the scammers getting in anyway? unknown?
Happy Dude
Established Member
- Joined
- Oct 13, 2006
- Posts
- 2,758
Sounds like Dizz has lost access now, but I tried that avenue in my case.
There is the 'provision' to request cancellation online, but:
1) It says fees will be charged, so wasn't keen to intentionally incur charges, which may cause separate issues/arguments trying to get refunded
2) As the booking is with a partner airline, the request isn't fulfilled online automatically, but actually looks to be just raised as a ticket to their bookings desk... which of course isn't open at the time, nor prior to the flight in my case (so it made the first point a moot point anyway).
markis10
Veteran Member
- Joined
- Nov 25, 2004
- Posts
- 30,549
- Qantas
- LT Gold
There are very clear fingerprints left that any such touch would be new and not recurring, so unlikely to hinder any investigation from an IP security perspective.
I’d be amazed if that happened, and even that there was any investigation at all. I suspect the 30 days is just some default lock, and nothing is investigated at all.
Read our AFF credit card guides and start earning more points now.
Why take the risk at all? It doesn't make the 30 days any shorter. By all accounts Velocity is refunding all stolen points. The hacker likely already has the money. The poor victim who paid them will just be stranded at the airport.
So, after my points were reinstated back in October I finally got around to create a new account as suggested by Velocity and just called up this morning to get it all transferred over (status, points etc.). So I thought I'd probably get passed around to a specialist team that will be able to do this, but it turns out the first person I spoke to was "Yes sure, I can do this for you" (which begs the question, how often is this happening and necessary??).
So it turns out what they do is "merge" the accounts, you end up with all your history, status etc. from your old account, but new membership number and credentials, but it also says "member since 2024" now. Given all the history is there, I am hopeful re the Lifetime Gold assessment later next year not missing the old account history (fingers crossed!).
On a positive note, it looks like you can get a second go with hotel and rental car status matches, both show as "available" now.
So it turns out what they do is "merge" the accounts, you end up with all your history, status etc. from your old account, but new membership number and credentials, but it also says "member since 2024" now. Given all the history is there, I am hopeful re the Lifetime Gold assessment later next year not missing the old account history (fingers crossed!).
On a positive note, it looks like you can get a second go with hotel and rental car status matches, both show as "available" now.
This has just happened to my daughters account...700,000 points!
The fact that Velocity has not implemented 2FA security for its account holders should mean that Velocity needs to accept responsibility for these frequent thefts that are being reported.
The fact that Velocity has not implemented 2FA security for its account holders should mean that Velocity needs to accept responsibility for these frequent thefts that are being reported.
- Joined
- Mar 1, 2019
- Posts
- 2,651
- Qantas
- Silver Club
- Virgin
- Platinum
- Oneworld
- Sapphire
What a huge pain in the ...
So are you able to still make a rewards booking? using your points? in the next few weeks?
anyway of seeing transactions within the 30day investigation?
Was there a middle eastern flights booked in your daughters acc etc?
No improved security as Velocity too busy devaluing status holders!
Legoman
Active Member
- Joined
- Nov 5, 2015
- Posts
- 596
They think they are taking responsibility by refunding the points with few questions asked. This of course however doesn't address to any degree whatsoever the inconvenience, the wasted time, the hassle, mental anguish and frustration expended by the victim, but they don't care about any of that. That's your problem to deal with.
AustraliaPoochie
Senior Member
- Joined
- Feb 9, 2014
- Posts
- 7,729
Yeap, they have no interest in solving and stopping the breach.
We and they probably still do not know, of how the scam/scammer/scammers succeeded in doing their deed.
So, in the end, the scammers have still won, by being successful in taking the points out in the first instance.
Refunding the points, and leaving it at that, is the easy way, indeed.
But then, most orgs are like this.
Banks, in re to scams, they could easily block transactions, but say they cant.
Same as telcos.
Maybe its just that they do not want to spend money dealing with the intricacies of the methods of the scam.
Or to find a way to cease and desist the scam/s.
We and they probably still do not know, of how the scam/scammer/scammers succeeded in doing their deed.
So, in the end, the scammers have still won, by being successful in taking the points out in the first instance.
Refunding the points, and leaving it at that, is the easy way, indeed.
But then, most orgs are like this.
Banks, in re to scams, they could easily block transactions, but say they cant.
Same as telcos.
Maybe its just that they do not want to spend money dealing with the intricacies of the methods of the scam.
Or to find a way to cease and desist the scam/s.
Legoman
Active Member
- Joined
- Nov 5, 2015
- Posts
- 596
You've just identified the three most hated and distrusted market sectors for all consumers in Australia if not the world. Airlines, Telcos and Banks.
Treat the symptom, not the disease. In the case of Virgin this is especially true because the whole thing is for sale. Just placate the victims by treating the symptoms in the short term and then hopefully we can flog it off to someone else for the disease to become their problem and expense to fix instead.
- Joined
- Jul 23, 2022
- Posts
- 128
- Qantas
- Platinum
- Virgin
- Gold
- Oneworld
- Emerald
Virgin, why not just implement 2FA?
- Joined
- Apr 6, 2018
- Posts
- 2,624
It is prob covered elsewhere but is the sale of Virgin likely to further devalue points. Noting these fraudulent events - I am sitting on nearly a million pts - is tempting me to cash up.
Become an AFF member!
Join Australian Frequent Flyer (AFF) for free and unlock insider tips, exclusive deals, and global meetups with 65,000+ frequent flyers.AFF members can also access our Frequent Flyer Training courses, and upgrade to Fast-track your way to expert traveller status and unlock even more exclusive discounts!
AFF forum abbreviations
Wondering about Y, J or any of the other abbreviations used on our forum?Check out our guide to common AFF acronyms & abbreviations.
Currently Active Users
- 05flyer
- wenglock.mok
- ADLhighflyer
- esquire
- jbmarshall90
- DejaBrew
- jase05
- tgh
- randompunter
- woocalla
- Peasant
- NickCook2066
- OZDUCK
- mike0430
- Cessna 180
- Notyourbag
- MEL_Traveller
- Foz
- woodyren
- pjm99au
- dajop
- smsh63
- redwoodw
- Brissy1
- SJF211
- bjm76
- crh66
- Austman
- Hunter4vr
- Grimace1
- Hawk529
- sudoer
- Skuttlebutt
- FlyingFiona
- MJ Coliandris
- VPS
- ben95
- The Man in Blue
- RB001
- NoName
- muppet
- jason_c
- Le_Champion
- Harrison_133
- Foreigner
