Free Travel Coming Your Way Via Airlines. Or Is It Really?

The airline industry has a lot of information on passengers. That’s why using them for phishing attacks is useful to cyber criminals. In response to a warning from Delta Airlines, the U.S. Computer Emergency Readiness Team (US-CERT) issued an alert recently warning airlines consumers to be on the lookout for email messages attempting to gain access to personal and sensitive information.

Delta recently put a notice on its website warning its passengers of attempts to access personal data in email messages claiming to be from the airline. In these, are promises of free travel or prizes, invoices, or other documents, which Delta makes clear are fraudulent and may contain malware. The criminals go to great lengths to copy the company’s website making it difficult to tell it’s fake.

If you receive a message in email, social media, or any other way promising free travel or prizes from any airline, you should consider it suspicious. Before clicking any links or attachments, go directly to the airline’s website to verify contests or giveaways. Most likely, these are phony. If it seems too good to be true, it really is.

The Delta notice also warns consumers that they do not market to them using giveaways and prizes.

Although Delta issued this particular notice, other airlines are not immune to similar scams and phishing attacks. Southwest has been used often in scams seen on Facebook and United experienced a breach of its systems in 2015. Loyalty programs for airlines, hotels, and others are frequently targeted by scammers.

When signing up for programs like these, always use strong passwords that include:

At least eight characters
Upper and lower case letters
At least one number
At least one special character

Passwords also should not contain personal or sensitive information such as birthdates, names, or addresses. Remember to change passwords regularly, even for loyalty programs and that each password used on a site is unique to that site.

There is one last thing. If you are entering sensitive information into any website, such as payment card details, be sure to confirm that the site is secure. Look for the lock icon or the “https://” preceding the address and that the spelling of the URL is correct before hitting the “enter” or “return” key. When in doubt, don’t enter any information.

© Copyright 2017 Stickley on Security