I received an email flight confirmation from United for a flight I did not book. Using the United website and the confirmation number I was able to view the passengers and last 4 of the credit card. The card is not mine and I did not find any unknown/new accounts open under my or my wife’s credit file.

I called United and fought through their AI chatbot phone service to speak with a real person who assured me that whoever purchased the ticket probably fat-fingered the email. Ok, I let it go for that night.

After the flight completed I saw that only one passenger checked a bag and reserved a seat. Hmmmm.

The next day I got a flight confirmation from Vueling, a Spanish airline, for another flight. Using their website and same method for United, I was able to view the flight information and who purchased the ticket. I called Vueling and fought their AI phone chat to get a rep who was more concerned than United, but still wasn’t sure what was going on. At least they ended the call with “I need to look into this more.”

All I can tell is that someone is getting hosed with a chargeback. The flights are always within 24 hours of purchasing.

How does one become an information security influencer?

Work at Gartner?