Tag Cloud
787 a320 a380 air france airline stocks American America West betablue Boeing BUF canada china codeshares delays delta discount carriers drunk passengers E190 eleVAte Embraer first class flybe frequent flier programs frontier HPN jetblue lcc low cost carrier MCO mergers middle seat new service Northwest open skies security singapore airlines southwest Spirit thanksgiving travel travel tips united US Airways virgin america westjet zoom airlinesArchives
- July 2008 (3)
- April 2008 (1)
- March 2008 (2)
- December 2007 (10)
- November 2007 (20)
- October 2007 (20)
Recent Posts
- On Notice: Virgin RED
- Virgin America Flight Review
- Virgin America Review Upcoming
- Virgin America Heading to the Deadpool Next?
- World’s 10 Most Dangerous Airports
Pages
Blogroll
- Compare Identity Theft Services
- Identity Guard Review
- Identity Theft Protection Service Reviews
- Identity Truth Review
- LifeLock Promo Code
- LifeLock Review
- Reputation Defender Review
Subscribe to AirlineFanatic!
- On Notice: Virgin RED
- Virgin America Flight Review
- Virgin America Review Upcoming
- Virgin America Heading to the Deadpool Next?
- World’s 10 Most Dangerous Airports
- Virgin American Promotion: 30% Of All Flights
- Cell Phones on a Plane!
- Disturbed Passenger Panic Attack Caught On Tape
- Airline Stocks: Lufthansa to Buy Stake In JetBlue
- Cell Phone Boarding Passes On The Way
Warning: United Security Glitch Allows Anyone To Claim Your $100 Discount
Published by AirlineFanatic | Filed under legacy carriers, travel tips
This seems like pretty basic stuff United is missing here. According to TravelGlitch.com, anyone who buys a $100 e-certificate off ebay or through some other manner, then has unlimited access to other certificates by only changing the URL they use.
That sounds a bit complicated, but lets break it down and see how it works. First, you buy a $100 e-certificate off ebay for around $10, and then are told to go to a specific URL to claim your reward. Well part of that URL is your unique certificate number. It turns out that the first 9 digits of the certificate always stay the same, and only the last 6 change. All you have to do is start out at the number of the certificate you purchased and start counting up by one. In 10 minutes of work TravelGlitch was able to find 5 valid certificate numbers that would have given them $500 in discounts.
From one perspective this is pretty awesome news, for a $10 investment you can get hundreds in discounts. But think about all the people who actually own these certificates but have not yet used them, only to find that their number has already been used once they do actually try to use it. One would think United would have foreseen these issues and built a website secure enough to make sure certificates actually go to those who own them, rather than those who just play with their URL a bit. United has to do something about this!
[Via TravelGlitch]
Leave a Comment