Posted on Updated on News

From Miles to Military Escort: The Montreal Aeroplan Fraud Story That Triggered a National Security Scare

CF-18 fighter jets escorting an Air Canada flight at Montreal-Trudeau International Airport.

The world of points and miles is usually associated with luxury travel, free flights, and maximizing credit card rewards. But a stunning incident that unfolded at Montréal-Trudeau International Airport (YUL) on March 18, 2026, has highlighted a dark and dangerous side of the game: high-level points fraud and identity theft.

It started as a sophisticated scheme to travel for free using someone else’s hard-earned Aeroplan miles. It ended with NORAD being activated and two CF-18 fighter jets escorting a commercial airliner out of the Canadian sky.

This wasn’t just a travel inconvenience; it was a major security breach that should serve as a massive wake-up call to every points and miles enthusiast in Canada and beyond.

The Setup: A 27-Year-Old, a Stolen Identity, and 1 Million+ Aeroplan Points

According to law enforcement sources, the incident began with a 27-year-old passenger boarding an Air Canada flight from Brussels, Belgium, to Montreal, Quebec. On the surface, it seemed like a standard international trip.

However, the passenger was not who his boarding pass claimed he was. He was allegedly traveling using a stolen identity.

But he wasn’t trying to hide from the authorities for a typical crime. The goal, sources reveal, was far more specific: He had allegedly hijacked a compromised, high-value Aeroplan account (rumored to hold over 1 million points{I Know Its not a lot for us Manufactured spenders} ) and was using that stolen wealth to fund a “free” trip to Canada.

This wasn’t a crime of convenience; it was a targeted, calculated act of loyalty program fraud.

The Security Tripwire: What NORAD Actually Flagged

The plan started to unravel while the aircraft was over the Atlantic Ocean. Modern travel security systems are complex, multi-layered, and deeply integrated.

The decisive red flag was triggered when a background screening system identified a critical data mismatch: The person whose identity the fraudster was using was already listed as being on a completely different flight, in a different part of the world, simultaneously.

In a post-9/11 world, this kind of discrepancy is not treated as a minor clerical error. When two people appear in the global system using the exact same identity, authorities must immediately assume the worst-case scenario. This instantly escalated from “credit card fraud” to a potential hijacking or national security threat.

The Escalation: From Data Center to CF-18 Cockpit

The response to this data mismatch was massive, swift, and unparalleled for a case of travel fraud.

  • NORAD Activated: The North American Aerospace Defense Command (NORAD) was immediately engaged.
  • Military Escort: As the Air Canada jet entered Canadian airspace, two Canadian CF-18 Hornet fighter jets were scrambled to intercept and escort the passenger plane. A U.S. F-16 and supporting air-to-air refueling tankers were also deployed to monitor the perimeter.
  • Ground Stop: In anticipation of the aircraft’s arrival, the FAA implemented a “ground stop,” temporarily halting departures from major U.S. airports to Montréal-Trudeau to clear the airspace.

Imagine the confusion (and terror) of the other 250+ passengers looking out their windows to see armed military fighter jets flying alongside their airliner, all because of a single stolen Aeroplan account.

The Aftermath at Montréal-Trudeau Airport (YUL)

The plane landed safely in Montreal, where it was immediately met by a phalanx of security personnel. SWAT units swarmed the runway as the aircraft rolled to a stop.

Police arrested two suspects on the tarmac. However, following a rigorous interrogation and verification process that took hours, investigators concluded that the immediate “national security threat” had been neutralized. While the incident resulted in a massive police deployment and airport shutdown, authorities found no explosives or plans for a wider physical attack.

The suspects were eventually released. But let’s be clear: This does not mean they are off the hook. The Sûreté du Québec (SQ) has confirmed the investigation continues, and the primary suspect is now facing serious charges related to fraud and identity theft.

Why This Is a Critical Lesson for Every Points Traveler

This story is sensational, but it exposes a very real and growing danger. Here at pointsandmilesexplorer.com, we constantly talk about maximizing value, but your main priority should always be security.

Loyalty programs are increasingly targeted by criminals for three reasons:

  1. High-Value, Liquid Assets: Miles are often worth thousands of dollars and can be easily transferred, converted to gift cards, or used to book travel.
  2. Lax Security: Too many users view loyalty programs as “just points” and do not apply the same security standards as they do to their bank or email accounts.
  3. Cross-Platform Vulnerability: When data is breached at an airline or hotel partner, scammers often attempt to use those same login credentials for other accounts.

Top 4 Ways to Secure Your Miles and Avoid Your Own Jet Escort

Don’t let your hard-earned wealth become the cause of a national security operation. Take action now to protect your accounts:

1. Use 2FA or MFA Everywhere (It’s No Longer Optional)

Two-Factor Authentication (2FA) is your absolute best defense. This is precisely what Aeroplan encourages and what most programs now support. Without that second code from your phone, a hacker cannot log in, even if they have your password. If a program doesn’t offer 2FA, use a complex, unique password.

2. Monitor Your Accounts religiously

You wouldn’t ignore your bank statement for six months. Log into your primary points accounts once a week. Check for any unusual transfers, bookings, or redemption activity. Early detection is everything.

3. Turn on Account Activity Alerts

Most major loyalty programs let you set up email or SMS alerts for certain triggers. You should be notified immediately if:

  • A transfer of points is requested.
  • A new device logs into your account.
  • A password change is initiated.
  • A significant redemption (like an international flight) is made.

4. Use a Password Manager for Unique Passwords

Do NOT reuse the same password for Multiple Websites and your email. If one is compromised, they all are. Use a manager like 1Password or Bitwarden to generate and store different, complex passwords for every single loyalty account.

The Montreal incident is a crazy reminder of how valuable, and vulnerable, our travel wealth can be. Have you ever experienced points or miles fraud? Share your security tips and stories in the comments below!

Similar Posts

Leave a Reply

Your email address will not be published. Required fields are marked *