Security Help

How to keep yourself cyber-safe

If there’s one thing that could take the shine off your travel plans, it’s getting hacked or phished. Sadly, there are some not-so-nice types out there who would like to get into your email, phone, or Skyscanner account — either by breaking in (hacking) or tricking you into giving up your personal details (phishing).  

The good news is, there are some very easy steps you can take to protect yourself online. Here are our top tips for staying cyber-safe. 

How to spot suspicious emails or texts

Phishers often impersonate real companies to try and steal your information. They might create a fake website that looks like ours, or send emails and texts that pretend to be from us. 

Personal details that phishing scams typically target include:  

  • Any payment details (card numbers, account numbers, PIN codes, etc).
  • Your account password or answers to security questions.
  • Any identifying numbers, like social security or tax I.D. 

Always be suspicious of messages that ask you to reveal this sort of information. Skyscanner would only ask you for personal information over email if you initiate communication with our customer support service (although, this will never include your password).

We will only send you SMS notifications relevant to your bookings. If you engage with us through SMS we will ask you for your information so we can verify your identity

If you’re suspicious of a link in an email, try hovering your cursor over the link. At the bottom of your browser, you should see the URL that clicking the link would take you to. Be aware that a lot of fake websites will use URLs that are very similar to ours, so check all of the characters that appear in the URL extremely thoroughly. 

Think someone’s trying to phish you? Please report anything suspicious to us at  phishing@skyscanner.net   We’ll investigate.

What NOT to do with a suspicious email or text

  • Don’t click on any links or open any attachments that have been included in an unexpected or suspicious message — even if it looks as though the message has been sent by us, another legitimate company, a friend, or a colleague. 
  • If you’ve followed a link that was provided in an unexpected or suspicious message, don’t enter any of your log-in or financial details. 
  • Don’t reply to any unexpected or suspicious messages. Instead, tell us about it, and we’ll be happy to investigate. Just shoot us an email at phishing@skyscanner.net 

What if I already opened the link and/or gave out my information?

First of all: don’t panic. There’s plenty you can still do to protect yourself. 

  • If the suspicious link, email, text or website was posing as Skyscanner, change your Skyscanner password. Make sure your new password is totally original — not something you already use for other accounts. Find our advice on creating strong passwords here.
  • If you use that same email and password for other accounts, change those, too. The best way to protect yourself is to have a different password for every online account you have, so try to do this going forward. Sure, it’s annoying, but it’ll make it much harder for anyone to hack you.
  • Did you enter any financial or payment information? Get ahead of the problem and call your bank or other financial institution right away. They’ll be able to monitor any suspicious activity on your accounts. 

How to keep your computer secure

Another way cyber criminals steal information is by infecting your computer with malware (software that attacks your computer to access passwords and other info) or viruses (a code or programme that can steal data, log keystrokes, send spam to your contacts, etc). 

An infection might not be immediately obvious. But it’s important to keep an eye out for signs of infection, so that you can fight it. Signs that your computer may be infected include:

  • Unusually slow load times
  • Lots of ‘spammy’ pop-up windows or ads
  • Sudden reboots, crashes or freezes 

Think your computer could be infected? You can use ‘good’ software to fight ‘bad’ software. Computer manufacturers and IT specialists can recommend a number of anti-malware, anti-adware, and anti-virus programmes. 

Bear in mind that you’ll need to regularly install all the latest updates for this ‘good’ software, as malware and viruses are always changing and developing. 

How to keep your Skyscanner account secure

The easiest way to make sure no one can break into your account? A strong, unique password.

See, if you use the same email address and password for lots of different services, it’s more likely someone could take over your Skyscanner account. That’s because any of those other services could suffer a security breach. And if that happens, the attacker will use the password they stole from the breach to try and get into your other accounts.

OK, so every online service you use today requires a password — how are you supposed to remember a different password for each one? That’s where a ‘password manager’ can come in handy. This highly recommended tool creates and remembers unique passwords for you, so you don’t have to. The most advanced password managers cost money, but there are plenty of good, free ones, too — and they can even sync across all your devices. Do some research and find out which password manager might best suit you.  

Talking of devices, if you’re going to sell or give away an old device, remember to sign out of any accounts or services that you accessed on it — including Skyscanner.

It’s also a good idea to regularly change your password, however strong — but a password manager can help with that, too.

How to create a strong password

All right, no password can ever be 100% secure. There are no guarantees in this life! But you can greatly reduce the risk of your password being easily guessed, or even revealed in a cyber attack, by following these recommendations:

  • Make sure your password is at least eight characters long. The longer it is, the more time it takes for a person or system to work it out.  
  • Your password shouldn’t take any sort of logical, recognisable form: no words from the dictionary, no names, no dates, no addresses, etc.
  • A strong password could be achieved by using a passphrase,  something like “colourful unicorn violet building” or “elephant drawer fantasy picture ” make sure that the words are random, and doesn’t make sense together and are grammatically incorrect order. Once you have the phrase you can add an uppercase, a number and a symbol and you will end up with very strong password: “1colorful*unicorn*violet*building*”

Again, to keep your account as secure as possible, it helps to regularly change your password. You can update it from your Account page on the Skyscanner website, or send yourself a password reset email using the Forgot Password option on our homepage .

How to report security flaws

Have you spotted a security vulnerability in any of our services? We encourage you to tell us about it ASAP, and to not reveal the vulnerability publicly until it’s fixed. We fully review these reports, act quickly to fix any problems, and are grateful for the assistance. For more about this, please see our Vulnerability disclosure policy.

How to find out more about privacy

Got questions about the privacy of your Skyscanner account info? Check out our Privacy Policy. As privacy policies go, it’s not tooboring.