One of the most common types of email fraud is called “phishing”.
Phishing is the practice of sending fake email messages that are disguised as
legitimate and often include company logos that look real.
A typical phishing email will include a false claim about a
customer’s account and either a link or button that takes them to a hoax website
that mimics a reputable company’s actual website, in the hope that they will
disclose personal information such as a credit card number or account
information. Some phishing emails may also have attachments which may contain
potential email viruses.
Traditional phishing happens exclusively via the Internet with
emails and attachments, but offline phishing involves sending direct faxes
and/or postal mailings to consumers or businesses as well.
If you suspect that you've received a fraudulent
e-mail that appears to be from Etihad Airways, do not respond. Never click on
any link that seems suspicious, open any attachments, follow instructions in
the email nor provide any personal information. Instead;
- Forward the email, including the header to firstname.lastname@example.org.
- Delete the email.
- Change your Etihad Guest account password immediately and monitor your account for any
misuse if you believe someone other than yourself has access to this
Please click here to see an example of a Phishing email.
If you have responded or disclosed your personal
information to a possible fraudulent message, notify the above email address.
Airways will NEVER contact you though telephone call or email in order to
request details of your Etihad Guest membership account personal information
such as passwords/PINs/user id, etc. It is your responsibility to report
any suspected privacy violation or other related security issues.
Additional Characteristics of a Phishing Email
Requesting personal information: Many phishing emails request personal information such as credit card or account information, passwords, etc. Legitimate emails will never ask you to perform security-related changes to your account or send emails to collect user names, passwords, email addresses or other personal information.
Official-looking sender’s email address: The “From” line may include an email address that appears legitimate.
Generic email greeting: Many phishing emails begin with something generic like “Dear User” or “Dear Customer”.
False claims: Many phishing emails make false claims about the status of your account and ask you to update or validate your account by clicking on an embedded link in the email. Some may also include a false sense of urgency and state that your account may be in jeopardy if it is not updated immediately.
Fake links: Many phishing emails include links that look valid but that send you to a spoof site. Never click on these links as the URL (Web page address) shown may appear to be legitimate (www.etihad.com) but may actually display a different URL when you hover over the link with your mouse.
Attachments: Never click on attachments as they may cause you to download spyware or a virus.
Typos and poor grammar: Many phishing emails contain typos and poor grammar in the content.