Beware: A Phishing Scam Is Posing as Delta for Your Data

Jul 20, 2018

This post contains references to products from one or more of our advertisers. We may receive compensation when you click on links to those products. Terms apply to the offers listed on this page. For an explanation of our Advertising Policy, visit this page.

A new email phishing scam is reportedly making its way around frequent flyers’ inboxes.

This time, hackers are posing as Delta Air Lines in an attempt to steal your information. And, as René’s Points reports, the scam looks pretty legit.

The email is said to have the subject line “Your Delta SkyMiles Account will be closed,” and it asks the receiver to follow a link to “update your Delta SkyMiles account information.” The scammers are hoping you will click their bad link and provide them with some of your personal data.

These scammers worked hard to make their fake email look authentic — with Delta logos and branding — and they even emulate the exact layout of a SkyMiles message. But, if you hover over the embedded link the message is asking readers to click and take a closer look, you’ll see it is not a Delta link, but a more nefarious, insecure address.

If you do get this email, do not click the link. Just by clicking, you risk granting scammers a chance to install programs like malware or ransomware on your device.

A good rule of thumb to prevent yourself from accidentally falling for an email scam, according to the Federal Trade Commission’s consumer arm, is to avoid clicking links in emails from companies or organizations. Instead, go to the company’s home page in a new browser tab and login from there. That way, you know it’s secure.

Scammers are known to target accounts like credit cards and frequent flyer logins, where valuable financial information can be harvested. Never respond to emails that request personal or financial information.

Phishing scams often use intimidation or pressure techniques (i.e., your account will be shutdown, you won’t get your tax refund) to get you to act quickly before thinking carefully. If that’s the case and it seems urgent, call the company on a trusted customer service line (not listed in the email) and inquire from there.

Turning on two-factor authentication for accounts that offer it is a good way to add an extra layer of security, too. Two-factor authentication requires your password and another piece of information (like a code sent to your phone) to gain access to your account. With this feature, if hackers do get your password, they will still have trouble logging in.

The FTC also recommends forwarding the phishing email to spam@uce.gov — and to the organization impersonated in the email — to help shut down the scam.

Editorial Disclaimer: Opinions expressed here are the author’s alone, not those of any bank, credit card issuer, airlines or hotel chain, and have not been reviewed, approved or otherwise endorsed by any of these entities.

Disclaimer: The responses below are not provided or commissioned by the bank advertiser. Responses have not been reviewed, approved or otherwise endorsed by the bank advertiser. It is not the bank advertiser’s responsibility to ensure all posts and/or questions are answered.