Beware: A Phishing Scam Is Posing as Delta for Your Data
A new email phishing scam is reportedly making its way around frequent flyers' inboxes.
This time, hackers are posing as Delta Air Lines in an attempt to steal your information. And, as René's Points reports, the scam looks pretty legit.
The email is said to have the subject line "Your Delta SkyMiles Account will be closed," and it asks the receiver to follow a link to "update your Delta SkyMiles account information." The scammers are hoping you will click their bad link and provide them with some of your personal data.
These scammers worked hard to make their fake email look authentic — with Delta logos and branding — and they even emulate the exact layout of a SkyMiles message. But, if you hover over the embedded link the message is asking readers to click and take a closer look, you'll see it is not a Delta link, but a more nefarious, insecure address.
If you do get this email, do not click the link. Just by clicking, you risk granting scammers a chance to install programs like malware or ransomware on your device.
A good rule of thumb to prevent yourself from accidentally falling for an email scam, according to the Federal Trade Commission's consumer arm, is to avoid clicking links in emails from companies or organizations. Instead, go to the company's home page in a new browser tab and login from there. That way, you know it's secure.
Scammers are known to target accounts like credit cards and frequent flyer logins, where valuable financial information can be harvested. Never respond to emails that request personal or financial information.
Phishing scams often use intimidation or pressure techniques (i.e., your account will be shutdown, you won't get your tax refund) to get you to act quickly before thinking carefully. If that's the case and it seems urgent, call the company on a trusted customer service line (not listed in the email) and inquire from there.
Turning on two-factor authentication for accounts that offer it is a good way to add an extra layer of security, too. Two-factor authentication requires your password and another piece of information (like a code sent to your phone) to gain access to your account. With this feature, if hackers do get your password, they will still have trouble logging in.
The FTC also recommends forwarding the phishing email to firstname.lastname@example.org — and to the organization impersonated in the email — to help shut down the scam.