# From Flyertalk - a claim of Point Fraud



## me_little_me (Sep 7, 2017)

> Heads up ... I got a call from Amtrak last night asking if I had redeemed my points... I had not. Turns out someone changed the email address on my account and tried redeeming all of my points. Strange thing is... I never got the typical "you changed your password" email when the fraudster did this action. I checked Spam.. nothing. I did get one when the AGR agent changed it back to my original email. She also thought that was strange and will be reporting it. This makes me wonder if perhaps they've got some bad apples on the inside of their IT department. Anyways, they are taking corrective action and giving me my points back, but wanted to spread the word in case this is a larger event. Keep an eye out, especially those like me that haven't been using AGR lately. http://www.flyertalk.com/forum/amtrak-guest-rewards/1864604-point-fraud.html


----------



## Devil's Advocate (Sep 7, 2017)

Sounds like the OP's email was hacked and the notice of address change was deleted before he could see it.


----------



## HP_Lovecraft (Sep 27, 2017)

Devil's Advocate said:


> Sounds like the OP's email was hacked and the notice of address change was deleted before he could see it.


This is a problem where I work all the time- People use the same passwords for everything.

Usually its something like Paypal and Email using the same passwords. The crook might have found the password because the victim used the same password on another, less secure website (ie gaming, p2p, etc). Paypal is then used to buy something easily sellable (ie jewelry), all logs/messages deleted from paypal and email.

It makes me wonder though: On ebay, you can find Amtrak vouchers for sale. Substantial ones like "$500 voucher for $300". It seems so shady that I wonder if its part of a money laundering scheme, or theft of some sort?


----------

