Dark Web Selling Chicago Travelers' Airline Miles

Got story updates? Submit your updates here. ›

A joint study by NordVPN and Saily found that airline and hotel loyalty accounts belonging to Chicago travelers are being bought and sold on dark web forums, with some profiles containing hundreds of thousands of miles or points being offered for as little as $0.75 up to around $200. Scammers can then drain balances, book trips, or convert rewards into gift cards, leaving victims dealing with potential identity theft and financial headaches.

Why it matters

This issue highlights the growing problem of credential theft and the need for travelers to take strong security measures to protect their loyalty accounts. The dark web trade of these accounts puts Chicago residents at risk of fraud, identity theft, and financial losses.

The details

The study found that some of the airlines and hotel chains most frequently cited in dark web listings include Southwest, Emirates, United, Alaska, American, Delta, Hilton, Marriott, and IHG. Criminals can gain access to these accounts through phishing, credential-stuffing attacks, and leaks from third-party travel partners. The dark web sellers sometimes advertise "safe flights" or "pay after" deals to reassure buyers, but bookings made with compromised credentials can still be traced and canceled.

• The NordVPN and Saily study was published on February 7, 2026.

What’s next

Travelers should enable unique passwords, multi-factor authentication, and closely monitor their loyalty accounts for any suspicious activity.