Staying safe online - Privacy Hub

Simple steps to help protect yourself

At Skyscanner, there’s nothing more important than the trust travellers place in us

This ranges from helping you discover the best deals to keeping you safe on our platforms.

But if there’s one thing that can ruin anyone’s travel plans, it’s getting scammed or phished into providing your personal data. The good news is there’s some easy steps you can take to protect yourself online. Here are our top tips for staying cyber safe

Spotting and avoiding scams

With several scams pretending to be Skyscanner over the years, we want to remind you how to spot criminal behaviour online.

Firstly, we’ve seen a recent increase in criminals targeting our travellers with scams focused on fraudulent employment opportunities. It’s worth remembering that we’ll never share job opportunities through WhatsApp or Telegram, and we’ll never ask prospective employees to send money to us for anything either. If you’re ever asked to pay as part of a job application, please report it to us as soon as possible.

All our current available roles can be found here

Keeping yourself cyber safe

Skyscanner is an online travel search site, not a booking platform or travel agent, meaning we don’t take bookings or transactions at all, including over the phone or on instant messaging platforms
We’ll never call to ask you to complete a booking or ask for payment of any kind including a bank transfer, credit or debit card, cryptocurrency or any other method
Any payments would only ever be to the trusted airline, travel agent, hotel or car hire provider that you choose and are redirected to from Skyscanner’s platform.
We’re occasionally seeing scammers encouraging people to do this from fake Facebook pages, getting in touch via WhatsApp and also through Telegram (which we don’t use)
We’d hate for these criminals to put anyone out of pocket. With scams growing increasingly sophisticated, we know it’s not always easy to spot a fake email, message, Facebook page or phone call
If you’re ever in doubt as to whether a communication from Skyscanner is genuine, please get in touch with us securely through our help pages or take a look at our scam advice article.
Additionally, impartial review site "Which?" has some great further advice on how to spot scam emails,
Action Fraud is also a useful source of information

How to spot suspicious emails or texts

Phishers impersonate real companies to try to steal information. They might create a fake website that has our logo or send emails or texts pretending to be us

Payment details like card numbers, account numbers and PIN codes
Account passwords or answers to security questions
Identification numbers like social security or tax ID

Always be suspicious of messages that ask you to reveal this sort of information. Skyscanner will only ask for your personal data over email if you start a conversation with our customer support team (although we’ll never ask you for your password). If you’re not sure about a link in an email, hover your cursor over it. You should see the URL you’ll be directed to at the bottom of your browser.

What NOT to do with a suspicious email or text

  • 🔗 Don’t click on any links or open any attachments, even if it looks like it’s been sent by us, another legitimate company, a friend or colleague

  • 🏦 If you have clicked a link, don’t enter any log in or financial details

  • 🔎 Don’t reply to any unexpected or suspicious emails. Instead, tell us about it and we’ll be happy to investigate

If you think someone is trying to phish you, please report it to us using phishing@skyscanner.net and we’ll investigate.

Top tip

Be aware that lots of fake websites will use URLs that are very similar to ours, so check all the characters that appear in the URL extremely carefully

Top tips from our security team

While the email may look like it’s from Skyscanner, both in style and content, make sure to check the sender’s email address.

The sender’s name might say ‘Skyscanner’ but hovering the mouse over the name will reveal the sender’s full email address. It’s a good idea to check if the address has misspellings of ‘Skyscanner’

As we’re an online travel search site, we don’t take bookings over the phone and we’ll never call you.

If you’re sent a suspicious email or message, don’t click on any links or download any attachments

It can be easy for scammers to copy and paste logos, imagery or text into an email or other type of communication to make it look like it’s coming from Skyscanner.

Only official Skyscanner social media pages will carry a verified badge/tick

Never reveal passwords, personal data or bank details over email, phone or messaging platforms like WhatsApp.

Generally speaking, in many countries using a credit card typically gives you greater protection if something goes wrong.

What to do if you’ve been scammed

If you’ve been a victim of a scam pretending to be Skyscanner, there are a number of actions you can take

Contact your bank to see if they can help with a charge-back or to cancel the transfer as soon as possible. The bank should then do further due diligence on the fraudulent account with the hope to block it from receiving further payments

 Get in touch with our team here

Report the fraudulent activity to your national agency

If you’re in the UK, you should report fraudulent activity to Action Fraud, quoting the reference: NFRC211104834054

 Action Fraud

If you’re in the US, report to the US government fraud and scam site below.

 CISA Services

If you’re in Australia, report the incident to the Australian Cyber Security Centre below

 Australian Cyber Security Cenre

If you’re in India, we recommend you report this to the National Cyber Crime Reporting Portal below

 Indian Cybercrime Coordination Centre

The actions we take to try to stop fraudsters

We take several actions to try and stop fraudsters – from using legal, IP and trademark protections to contacting Action Fraud, to attempting to get associated email addresses and WhatsApp numbers closed down. We also contact the police, request Facebook remove scam pages, catalogue all incidents we’re aware of, and support scam victims the best we can

How to keep your computer secure

An infection might not be immediately obvious. But it’s important to keep an eye out for signs of infection, which could include

Lots of ‘spammy’ pop-up windows or ads
Sudden reboots, crashes or freezes
Unusually slow load times

Another potential way cyber criminals could steal information is by infecting your computer with malware (software that attacks your computer to access passwords and other personal data) or viruses (a code or programme that can steal data, log keystrokes, send spam to your contacts, etc).

If you think your computer might be infected, there are plenty of anti-malware, anti-adware and anti-virus software out there. Bear in mind that you’ll need to regularly install the latest updates as malware and viruses are always changing.

How to keep your Skyscanner account secure

With a Skyscanner account, you don’t need to create a secure password because we send you a one-time code to your email every time you log in – it’s safer and reduces the chances of someone being able to hack it.

Just a reminder that if you’re going to sell or give away your old device, sign out of any accounts or services you accessed on it, including Skyscanner

How to report security flaws

Have you spotted a security vulnerability on any of our platforms? We encourage you to tell us about it ASAP – and not to reveal the vulnerability publicly until it’s fixed. We’re always very grateful for the help and fully review these reports and act quickly to fix them. Tips and watch-outs for avoiding brand copycat scams:

To submit a vulnerability you’ve found, you will first need to sign up for free as a Bugcrowd researcher and then submit your findings directly to our programme. We won’t consider any vulnerabilities submitted outside of Bugcrowd.

 Visit our Bug Bounty program

Be vigilant about ads promoted on social media, as scams won’t usually carry the name of the company they later impersonate. Scammers often use other fake names, such as ‘Flight Fare Drop Alert’ instead of Skyscanner, to harvest contact and travel details.

We’re occasionally seeing scammers encouraging people to do this from fake Facebook pages, getting in touch via WhatsApp and also through Telegram (which we don’t use).

Look out for emails from email addresses that aren’t using official company domains, like Gmail, Hotmail, Outlook or Yahoo

If in doubt, contact the company in question via their official channels to check before going ahead with payment. They’ll quickly be able to tell you if an offer is genuine or not.

We’re occasionally seeing scammers encouraging people to do this from fake Facebook pages, getting in touch via WhatsApp and also through Telegram (which we don’t use).

We provide advice and support on our website if you suspect you’ve come across a scam, and we can help on specific cases via our help page

Visit our help page

To submit a vulnerability you’ve found, you will first need to sign up for free as a Bugcrowd researcher and then submit your findings directly to our programme. We won’t consider any vulnerabilities submitted outside of Bugcrowd.

If you spot something, please tell us about it by emailing legal@skyscanner.net.

Privacy at Skyscanner