EDITOR’S NOTE: Please indulge me for a Monday delirium post after an amazing weekend of networking.

In churning, or in real life, consider the sum of everything you know and ask yourself two questions:

  • What percentage of everything did I learn from someone else, and what percentage did I discover?
  • How much did I earn from each of the above?

Of course “always be probing”, but maybe also “always be networking” too. We often stand on each other’s shoulders.

Happy Monday!

Pictured: A churner Falls from a PPBP pyramid. (Too soon?)

EDITOR’S NOTE: This is a bonus guest post from SideShowBob233 thrown together after another run-in with a bank.

After hearing about another recent incident with a similar result, I wanted to share my story and my lessons learned from having my American Express account hacked. 

I woke up to a bunch of emails from AmEx showing my password was reset, my phone number was changed and there were some gift card redemptions.  Not a pleasant thing to see, but I had to get the kids to school so I had to put it off. The emails were hours old anyway, whatever damage happened was already done.  

When I checked later, I found the scammer had managed to reset the password on one of my personal Platinum cards, (because who doesn’t have more than one $695 annual fee card lying around under a pile of rakes?) get into my login, and apparently used chat to go to town (he – and I’ll refer to the scammer as he but it could have been a she as I’m all for equal opportunity scamming) seemingly had my 3 digit code from the back of the card and possibly my security word, but I’m not sure.  Below is a redacted (to protect the innocent, or in this case the mildly guilty) chat log of the scammer’s interactions with AmEx:

2 AM local time, SideShowBob233 is snoring loudly while sleeping in a room filled with rakes:

Amex chat: Hi Bob, please select one of these options, or in a few words tell me what you need help with.

Scammer: Hi. My name is SideShowBob233 (the 233 is my IQ). I want to request my pending points to be available. I want to use them right now. I make all my payments through Autopay and all my payments are on time. I also have orange hair.  

Amex: A Customer Care Professional will be with you shortly.

Amex: Hi Bob. This is Francis [likely not the Pope – but I wasn’t 100% sure]. I see that you are chatting to accelerate pending points.

Amex: Let me go ahead and review your account and also browse the internet while I make you wait.

Amex: Kindly verify the last five digits of the card in question and then when you last had sex

Scammer: 96969 and right now

Amex: Thank you. I am checking on it.

Scammer: Let me change that last answer as I’m already done 😬

Amex: Are you referring to the 69,420 points?

Scammer: Yes

Amex: I have accelerated pending points and it has been added into your reward points balance.

Scammer: Thank you kindly now can you help me scam some more?

Scammer: Can you help update my new office or business phone number on my accounts, cell number remains the same and I also want to use some of my Platinum card rewards balance and order 1 $69 egift card.

Amex: To update the number, I will help you to update it on the account.

Amex: Please share the business phone number you wish to add on the account.

Scammer: The online option does not seem to work, When I add the gift card to cart, the page keeps on loading

Amex: I kindly ask that you consider switching to a different browser, or alternatively, you may clear the cache, cookies, and browsing history of your current browser.

Amex: After doing so, please open a new tab and log into your online account once more; this should resolve the issue.

Scammer: I am not doing all of this right now. Can you just order it or I will try later?

[Note the angryish/insistent tone – red flag]

Scammer: XXXXXXXXX (his phone number – surprisingly NOT 1-800-SCAM-MER)

Scammer: This is the new business phone number

Amex: Do you have platinum card handy ending with 96969?

Scammer: I do

Amex: Perfect. To proceed, I will need to ask you a few security questions to ensure the process is conducted accurately on your account.

Amex: To protect your account security, please answer the following question.

Scammer: Submitted

Amex: To protect your account security, please answer the following question.

Scammer: Submitted

Amex: I have added the business number to the account.

Amex: I have ordered your $69 egift card. You will receive confirmation E-mail for the same and it will be available to use in next 4-24 hours.

Now some comments: 

The scammer seemed to have had to have both the 4 digit code on the front and 3 digit code on the back of my card.  Not clear how they got it as the card rarely leaves my house and in fact is almost never used.  It was replaced recently, which is how I am guessing it was compromised – but I am not more than 69.420% convinced that’s the case.  A swiper wouldn’t get the 3 digit code on the back but I guess if there was a camera there too, it could have.  The card was used in person exactly one time, at a Saks a few weeks ago. Did not see anything on the card reader and I was there a while; our family likes to buy stuff at Saks for some reason (might be the large clown shoes they sell).  

Now SideShowBob233 you say to yourself, again out loud while streaking through your backyard again because it’s the only way to talk over the voices you’re hearing in your head, how could you have prevented this?   I have some ideas only some of which come from the voices in my head. 

First, turn on two factor authentication in your logins.  I always avoided it and complained extensively in the few cases where AmEx forced it on me (My friends, neighbors and even random hobos near Dollar General can confirm my complaining).  No longer.  Yes, it’s a PITA but it would have kept the scammer out of my login.  Second, turn on 2FA some more.  If you don’t know how to do level two 2FA, what are you even doing with your life?  I mean come on dude.  

Also change your security word periodically, I don’t know if the scammer had mine or not, but mine was a word nobody would ever guess (not, it’s not rake, not even with a 69 after it), if they did they would have had to have gotten it from Amex rep when I called in the past.  It’s not something you’d know about me either.  P2 doesn’t even know it.  

Not many people are aware of it, but the AmEx card numbering scheme is very outdated, and there are not all that many unique numbers on AmEx cards.  Losing your card and getting a replacement number gives a very predictable result, both for the new card number AND the expiration date, meaning the 4 and 3 digit codes are the only things that are really secure once your card number is compromised.  This is likely what led to the tons of Facebook $2 fraud but who knows, maybe Zuck just needed a new island.  So if a number is compromised consider losing the card 2-3 times to randomize it a little bit (both the replacement expiration date and the last digit).  

My case had a (mostly) happy ending – AmEx apparently caught the fraud and invalidated the cards before I even called.  After uploading a DNA sample, stool sample, and Clorox wiping down my scanner, my accounts were cleared and I am now free to go back into the AmEx void to be scammed again.  My scanner still isn’t speaking to me though.  

– SideShowBob233

SideShowBob233’s two factor authentication (level two) helps protect lunch.

Bilt, a company best known (according to me) for inadvertently advertising how to abuse their program just weeks after sending a “you’re shutdown” email followed by a “j/k j/k” email to a bunch of cardholders, added Japan Airlines Milage Bank as a 1:1 transfer partner yesterday

The landing page for the linking your Bilt and JAL accounts includes the language:

“If your JAL Mileage Bank account is less than 60 days old, there will be up to a 7 day hold before you can use JAL miles to book travel.”

It turns out that Bilt is inadvertently teaching us another lesson, which is that unseasoned accounts can often cause you to be unable to use your miles until your account is old enough or until you jump through hoops like:

Having older accounts with some activity mitigates these problems, so when you do your churning spring cleaning, consider seasoning mileage accounts that you may use in the future.

Happy Wednesday!

Seasoning on Southwest hits different.

Introduction

Yesterday’s post about recent American Express shutdowns said that one of the reasons for recent shutdowns includes payments from a third party to an account holder’s cards. That statement led to a bunch of follow-up questions, and most of them were even relevant, so that was a plus. Let’s discuss the subject in a wider, more public context to help spread the love.

The Law, AmEx Style

Let’s start with the American Express payment rule, which is effectively set in stone:

American Express will shut down your account if they learn that it’s being paid with a deposit account not owned or controlled by the account holder.

If American Express figures out that a payment came from an account where the holder isn’t a signer or owner, American Express will shut it down. It doesn’t matter if you’re paying your spouse’s account from your own checking with your consent, your account from another player’s bank account with their consent, or an ACH pull from an account that you control but don’t own, if American Express finds out, they’ll shut down the cardholder’s American Express account.

The Wiggle Room

This rule isn’t particularly well known because American Express usually won’t know if you’re paying from another account, especially for routine ACH transactions. Plenty of churners have been doing this for years and are fine, so the nuance is often lost. So, how might American Express find out?

  • During a financial review, American Express may ask for proof of bank account ownership for recent payments. They’ll want to see a statement or do a three way call with a bank to confirm.
  • For more manually processed payments, like personal or business checks, the account holder information is often listed right on the payment method itself and American Express may notice if it doesn’t match. Recently, they’ve proven that they’ll look back years after the payment was made too if they’re suspicious about something else, so time isn’t necessarily the cleanser that it feels like.

If you do want to make payments for another player from your own bank account, add them as a joint account holder in case American Express ever comes knocking, then everything’s above board and you can worry about other stupid American Express things, like how to get yourself in charge of hiring at a big company for only a week to help liquidate 22 Indeed credits.

Happy Thursday!

Next time: Decoding AmEx’s secret comma laws.

Background

JetBlue added Japan Airlines (JAL) as a mileage partner last week. Over the weekend there was award space using JetBlue miles for booking at least two seats in JAL First Class between the US and Japan for most of the schedule. That sort of availability for booking JAL First is unprecedented; it’s a lot like if you drove to every Walmart in the United States and didn’t find a single person in line at a money center. While technically it’s possible to happen, if it did you’d probably wonder if you were in some sort of bizarro churning novel and whether you ought to visit every roulette table in Vegas and bet on black.

The wide-open JAL First availability was only found on JetBlue though. Other partners that can book JAL First awards like AA, Alaska, and JAL itself had almost no availability for even one seat, let alone two. So, how come JetBlue had so much availability? The dump in inventory could reasonably explained by one of two things:

  • Launch celebration: JAL gave JetBlue plenty of inventory not available to others during initial launch to celebrate the new partnership
  • Bug: A technical error between JAL and JetBlue showed space that shouldn’t have been bookable

It’s too soon to know which of the above possibilities it was, but for the sake of everyone who transferred a bunch of miles into JetBlue’s program and booked awards, let’s hope it was the former.

The Wisdom

This is a wisdom post (without an alliteration, sorry Jen), so what can we learn from all this?

  • When space is only available via a single partner, there’s a chance it’s not real and will either be non-bookable or will get cancelled before you can fly
  • When you’re going to transfer a flexible, valuable currency like Ultimate Rewards into a less valuable program like JetBlue TrueBlue, make sure you’re comfortable with stranded miles in case the booking doesn’t work; do a risk asssessment
  • Don’t forget that many airlines let you hold awards over the phone, so you can test award bookability without transferring miles in and potentially leaving them stranded (but JetBlue doesn’t offer holds, so didn’t matter in this case)
  • New partnerships occasionally open short windows of opportunity

Good luck to those who booked!

Future churning novel brings even more JetBlue-esque craziness.

Until you’ve graduated to the point where sign-up bonuses don’t really move the needle, one of your primary churning goals ought to be “always be working on a sign-up bonus”. Specifically, a starting level of this hobby is:

  1. Open a new card with a sign-up bonus
  2. Spend either organically or with manufactured techniques until you hit the spend target
  3. Start over at (1) immediately

Sign-up bonuses are typically worth a 10%-50% rebate on your spend, so don’t worry about category bonuses until you scale up. If you’re worried about 5/24 or other similar issues, focus on business cards, and especially business cards at small banks and credit unions until you graduate to a higher manufactured spend tier.

Happy Tuesday!

PS: Yes, “Always be working the sign-up bonus” isn’t nearly as sexy as “always be probing”, but that doesn’t mean it’s unsexy.

This weird 3D rendering’s message is on-point.

Background

The Chase Sapphire Preferred has had an increased sign-up bonus of 100,000 Ultimate Rewards after $5,000 spend in Chase branches since Monday of last week, and now the same offer is available directly from Chase.com. But there was another new development yesterday: Affiliate bloggers now also have links for the card.

The Impact

As you can imagine, this development means that the number of articles about the card shot up exponentially. Let’s sample a few headlines from the 12 hour period starting yesterday at 10AM Eastern and ending at 10PM Eastern:

  • “Is the Chase Sapphire Preferred worth the annual fee?”
  • “Who’s eligible for the Chase Sapphire Preferred’s 100,000 point bonus?”
  • “Record-high Bonus: Earn 100,000 points with the popular Chase Sapphire Preferred for a limited time”
  • “Chase Sapphire Preferred benefits: Everything you need to know”
  • “The best Chase credit cards to add to your wallet”
  • “10 best ways to use 100k Ultimate Rewards points: From first-class flights to all-inclusive getaways”

Affiliate bloggers can be insatiable. Now, can you guess how many different blogs it took to generate that many articles in 12 hours? The sad punchline is that it took exactly one blog. There were dozens of other articles from other blogs that could have made the list; but there was literally zero need. We got 1/3rd of a page of headlines from just a single blog.

The Motivation

Obviously the main goal for an affiliate blogger is to maximize revenue. There are two ways that they do this:

  • Maximize revenue in the short term by dumping articles incessantly to reach as wide of an audience as possible
  • Maximize revenue in the long term by being a “good neighbor” affiliate blogger that always [usually] gives you the best link, so you’ll trust them and keep coming back to use those links for months or years

The former strategy relies almost exclusively on creating urgency, and while it’s not directly required for the latter strategy, urgency still boosts revenue so the strategy is still a core tenet and at minimum a subtle part of the game.

The Defense

Urgency breaks our best plans, and a false sense of urgency leads directly to mistakes in the hobby, like:

  • Not waiting another week a referral offer to come up with the same bonus (it probably will)
  • Accidentally blowing through 5/24, 3/4/5, 2/90, or some other credit card rule because we’re worried about missing out
  • Forgetting to have your credit report in a clean state before applying
  • Not analyzing whether the Sapphire Preferred even makes sense
  • Being annoyed about the contents of your RSS feeds and writing an article about the deteriorating state of churning blogs

Look, affiliate bloggers aren’t inherently evil and you should use an affiliate link for someone that you appreciate and want to support when it’s the right card, the right time, they haven’t steered you astray, and no referral option is available. But until you’ve made that analysis consider whether you should avoid the noid noise. Also, ain’t no affiliate links ’round MEAB so that option isn’t ever real.

Taking time to consider problems before acting works.

There are often reasons for a churner to control how balances report on a credit report, for example: utilization can directly affect your ability to get cards and loans with banks and credit unions. Aside from the obvious method of paying balances right before statement close, there are a few other hacks for controlling what’s reported:

  1. Chase: Anytime you pay a Chase card down to a $0 balance, it’ll report to the credit reporting agencies the next banking day
  2. American Express: You can call the number on the back of your card and ask a representative to report your balance mid-cycle, it typically reports two banking days later
  3. US Bank: They’ll report your balance on the first banking day of every month regardless of statement close date
  4. Citi: Because #citigonnaciti, make a request via fax (ask your parents if you don’t know) at (866) 713-5028, and they’ll report two to three banking days later
  5. Synchrony: Cause a fraud alert on your account, they’ll report your balance the next banking day, and no, this isn’t MEAB sarcasm

Happy Thursday friends!

Citi’s credit reporting department IT server room.