Foreward
The churning community has a number of wanna-be-but-not-quite-seedy underbellies, and since early this week all of them circulated a hacked Chase Sapphire Preferred 100,000 point sign-up bonus link repeatedly. The hacked link beats the current public offer and is therefore somewhat enticing, but the public offer will be the same as the hacked link starting Monday. Its imminent irrelevance didn’t stop the link from finding its way in the last couple of days out of the underbellies and into the mainstream community via forums, reddit, and several blogs though (I’ve purposely not linked to any of them).
Hacked and Modified Links
Churning has a storied history with hacked links, and most of that history is buried in lore and old discussion forums that are partially or totally obscured from the public eye and google’s crawlers. We can pick a couple examples for the sake of discussion that are well known though:
- In 2016, American Express shutdown accounts or clawed back bonuses for applicants that used a hacked or modified link for 100,000 Membership Rewards on a Platinum card
- In 2020, Chase shutdown accounts for using Ink links generated from an unlisted backend business logic website not meant for public consumption
We could also pick dozens of cases in which hacked or modified links shared in churning circles paid the bonuses as expected, never lead to shutdowns, and generally worked really well for plenty of people.
On Safety
Strictly speaking, nearly all hacked or modified links don’t lead to a shutdown; you’re probably safe to use them when you encounter them as long as you can stomach the remote probability of a bank adverse action.
But, what makes the difference between a hacked or modified link that will get you the axe and any other hacked or modified link? My guess is that a critical mass of applications, bonuses, or specific marketing campaigns showing up on a bank’s KPI dashboard when it’s not expected is often the trigger. Again, leaning on the two cases from above:
- In 2016, the 100,000 point Platinum card sign-up bonus was one of the most pervasive events in the churning community, largely because a six figure Membership Rewards sign-up bonus hadn’t been available to the public ever prior to the leak. Blogs talked about it, forums talked about it, meetups talked about it; it was like a Woodstock event in the churning community.
- In 2020, The unlisted Ink links had been used successfully by a small group of churners for nearly a year. When the link became public via reddit and major blogs though, the number of applications and applicants exploded and the bank took notice. (In a note of irony, the small group of churners made the link public to try and hide themselves in a mass of applications.)
So, I’d wager that the safety of a hacked or modified link is inversely proportional to the number of applications approved using those links as a general guideline.
Finding Bad Links
How can you tell if a link has been modified or hacked? It can be hard, but there are a few telltale signs that often are good indicators:
- People call it an “unlisted” or “black car” link*
- For American Express: The landing page doesn’t have a login request and the application doesn’t have a “Next” button, everything is on one page
- For Chase: You can’t find the same bonus or offer on any public landing page, via advertisement, or co-brand website
- Also for Chase: APRs are listed as fixed and no mailers with the same offer have been seen
- A blogger says something like “this is a hacked link”
What about other banks? So far, they haven’t cared in a meaningful way, so I guess it’s fine?
Good luck friends, and have a nice weekend!
* Black car seems to have originated from a bad translation from Chinese churning forums, but somehow is now part of our vernacular. (The correct translation was probably “unlisted”.)
A hacker uses a black car to make a link.