The Deal Mommy

PSA to Loyalty Programs: Hire a White Hat Travel Hacker

White Hat Travel Hacker

Boots optional.

The frequent travel community lost its mind when Wyndham announced, then abruptly pulled, a promotion that offered to quadruple SPG* points and match status if you donated the points to charity. It took a savvy travel hacker about 10 seconds to spot the Mack truck sized opportunity: SPG and Marriott’s loyalty programs are currently linked so it would be a no-brainer to take an SPG screen shot, send your points to Marriott, then take another screenshot of SPG with a zero balance. It wasn’t the most ethical thing to do, but crazy simple to execute.

*Side note to Wyndham: Starwood? Really? Love you, really I do, but what on earth makes you think a Starwood Platinum would stay at 75% of your portfolio?  Please, stay in your lane. Go after Choice next time.

Or how about last year when some marketing executive at Hyatt thought it was a brilliant idea to give SPG “platinum elites” instant diamond status over twitter?  In this case not only did Hyatt have to cancel the promo within a day, they had to make up to thousands of diamond customers who earned their status through loyalty to Hyatt.  (Note to Hyatt: I put “platinum status” in quotes because hundreds, if not thousands, of those “matches” were photoshopped. Saw that one coming a mile away.)

Both of these examples required “fraud” but a percentage of the travel hacking community is more than comfortable making a few keystrokes work to their advantage.  Savvy and ethical travel hackers can see the opportunities but decide for themselves where the slippery slope lies.

Even when promotions are followed to the letter some unintended consequences can come back to bite companies in ways they didn’t expect.

Flash back a few months to an IHG promotion that included a sweepstakes portion, which meant legally they had to have a free entry component. To be fair, IHG kept their end of the bargain but I’m quite certain their intention was not to give thousands of people a minimum of 47,500 points each in exchange for having their kids fill out postcards and attach postage stamps.

Hard at work. 10 cents/envelope to do sweeps entries. She practices math by adding to 49 cents.

A post shared by Dia (@thedealmommyblog) on

I could add any number of other promotions that had good intentions but were so quickly exploited that the company was overwhelmed by what they missed in the fine print. This is of course not specific to travel (looking at you, Victoria’s Secret, as I type this wearing free underwear).

Travel hackers live in the fine print and companies cross us at their peril. The only trait we possess more than detail orientation is social media savvy. (A sense of entitlement is a close third.)

Each time one of these promotions goes sideways I have the same thought: doesn’t the company have a hacker on staff?  Most software companies now have teams of white hat hackers whose sole purpose it to destroy that which the company is working so hard to create.  Companies do it for their own protection- one hole plugged in advance can save the company millions.

So my PSA to travel companies is: hire a travel hacker. Most likely a freelancer because that’s how we roll. Come to FT4RL, stalk Flyertalk, or just reach out to your favorite blogger. The up-front bucks you pay for a few hours of fine tooth combing by someone hell-bent on exploiting your promotion could save your company a PR disaster – and a whole lot of money.

The Deal Mommy is a proud member of the Saverocity network. 




7 thoughts on “PSA to Loyalty Programs: Hire a White Hat Travel Hacker

    1. thedealmommy Post author

      And your comment is exhibit A of how hackers live in the fine print!

      (If you don’t think it’s laughably easy to manipulate a timestamp I’m not going to show you how. I very clearly stated the methods weren’t ethical…just simple to execute.)

      1. white hat

        See now you’re closer to the real reason. Your article read that you could have gamed the system, while still staying within the T&C. It was laughably easy to game this promo, but required fraud to do so.

        “SPG and Marriott’s loyalty programs are currently linked so it would be a no-brainer to take an SPG screen shot, send your points to Marriott, then take another screenshot of SPG with a zero balance.”

        Could not happen without without fraudulently manipulating the screenshots.

        1. thedealmommy Post author

          Yes, and it’s not a deal I would have done (note the “not ethical” in the original post.). That said, any hacker worth her salt could have spotted the opportunity for fraud and warned Wyndham in advance.

    1. thedealmommy Post author

      LOL. I wonder if “Extremely detailed knowledge of rewards programs from inside and out” was included in the job description.

  1. Pingback: Layflats out of DCA, Loyalty Program mis-steps, Thailand - Tagging Miles

Leave a Reply

Your email address will not be published. Required fields are marked *

Pin It on Pinterest

Share This