Singapore Airlines has sent out an email to KrisFlyer members warning customers about known fishing attempts by email, text message or phone call.
It should be common knowledge to not click on any SPAM email link or give out your private information through unsolicited phone calls but what if the email actually appears to be legitimate based on it’s design and the person on the phone is convincing.
In fact this matter has been brewing a lot in Singapore and received snippets of press coverage here and there. I was also recently asked by a friend of mine if a certain SMS she received to her SG cellphone was legit to follow a bit.ly link in the message to reset her KrisFlyer password (obviously it wasn’t).
Here is what Singapore Airlines sent out last night:
Reports on phishing attacks have been on the rise in recent months. We would like to advise our customers to be wary of unsolicited emails, messages and phone calls that claim to be from Singapore Airlines.
Examples of recent phishing emails include informing recipients that they have been selected for a survey or won a draw, and requesting for their personal details to participate or claim the prize.
Singapore Airlines does not send emails asking customers to click on a link to enter their personal details unless it is to log in to their KrisFlyer account or to make a flight booking on singaporeair.com. We recommend you verify such emails and phone calls if you have any doubts by contacting Singapore Airlines directly.
My basic rule is that I never verify any details during unsolicited phone calls and through emails. Only by calling the company myself on the official hotline or by visiting their website.
SIA recommends the following steps to secure your account:
Companies usually don’t initiate contact with customers and ask for private information without being able to provide specific reference to a case such as a reservation or account / credit card.
From time to time I get calls from a credit card company in regards to fraud prevention but in that case they have very specific details about your card and never ask to verify numbers or account access codes. Only once did something sound fishy from Capital One and I insisted to call them back on their hotline, turned out that call was indeed legit.
Fraud with customers loyalty accounts has been on the rise in recent years and we have occasionally written about such cases where people had their accounts emptied out, awards booked in other guests (strangers) name or being locked out from their accounts. Usually companies make customers whole in such cases though sometimes it’s difficult to deal with it and might require a police report and a lot of patience.