People tend to post their selfies, pictures of them waiting at the airport on social media usually while taking a trip. Clicking a picture of your boarding pass and posting it on social media platforms is considered to be a cool practice amongst today's online generation. But in all its reality, this cool practice can convert your flight into major havoc.
Social media has now become a necessity for the community, and so many people post their boarding pass pictures under public settings, they think about the bragging rights and not what is lurking within that picture that could be used by someone with evil intentions. Aside from your name and destination, your boarding pass includes some of the following very important and sensitive information:
-For starters, it might be the number of your loyalty or frequent flyer card. This number or the cardholder’s name is, in some cases, enough for an outsider to log onto your personal profile on the airline’s website or to check-in online.
-The second piece of important data hiding is a thing in your boarding pass called Passenger Name Record, or PNR for short. PNR is a reservation code, which serves as a unique identifier of the passenger in the computer reservation system. The PNR also includes information on the fare, as well as payment information (like a credit card number). In some cases the following information can live within the PNR: passenger’s phone number, his/her accommodation details in the destination country, date of birth and passport data
-If the PNR contains a telephone number, the scammer will be able to duplicate the SIM card and steal all your money from the account and even use it to make payments online.
-Imagine coming to the airport only to find out you are not on the list. It turns out that someone called the airline on your behalf, confirmed all of your personal data and asked to cancel the ticket. In case you had a connecting flight – congratulations on not going anywhere!
-Bye-Bye Miles — We have already noted that a frequent flyer number can be held within the PNR. Using this number along with and some social engineering tricks, an outsider can get access to your frequent flier profile. The hacker can easily reset the password and gets access to your profile, he might drain all of your bonus miles. One would have a hard time proving the fact of the scam to the airline, and should a culprit use your miles in violation of the Terms and Conditions of the program (for instance, reselling them), the airline might go as far as blocking your frequent flier profile for good.
So, the next time you are flying in or out, make sure you think twice before showing off your journey to the world. It could cost you – a lot.
—inputs from Kaspersky Labs