Skip to the main contentAccessibility information

Customers

  • If you believe that your customer account (or Skywards ID) on Emirates.com has been compromised through phishing or if you have any concern regarding the integrity of your account, we recommend that you sign in to the Skywards page and change your password immediately.
  • If you have forgotten your Skywards ID password, you can learn how to reset it here
  • If you receive what you believe to be a phishing message claiming to be from Emirates airline, or other entities of The Emirates Group, you can consult The Emirates Group phishing information page and report it.
  • If you are asked to use our one-time passcode service to recover your Emirates Skywards account, learn how to do so from our FAQs.

Privacy

You can read about our Privacy Policy and how we safeguard your personal information.

If you have a concern about the security of your account, you can contact an Emirates call center or speak to us online.

Security and privacy researchers

To report security or privacy issues affecting The Emirates Group products or web servers, you can contact security@emirates.com(Opens your email client). You can also use The Emirates Group's CyberSecurity PGP key to encrypt sensitive information that you send by email. When we receive your email, we send an automatic email acknowledgment. If you do not receive this email, please check the email address and send again. We will respond via this secure channel if we require additional information to investigate a security issue.

For the protection of our customers, The Emirates Group generally does not disclose, discuss, or confirm security issues until a full investigation has been completed and any necessary patches or fixes are available.

Notifications published by The Emirates Group CyberSecurity are signed with The Emirates Group CyberSecurity PGP key. We encourage our customers to verify the signature in order to ensure that any document received has indeed been written by our staff and has not been subject to any changes.

Law enforcement

The Emirates Group handles government information requests in accordance with local laws within the countries in which it operates. You can contact GSLEPI@emirates.com(Opens your email client) if you are a law enforcement agency.

Media

Avoid phishing emails, ‘free ticket scams’, ‘fraudulent invoices’, phony travel agent calls, and other scams

Use these tips to avoid scams and learn what to do if you think your Skywards ID has been compromised.

If you receive an email or someone claiming to be from Emirates calls and asks for your account name and password, then it’s likely you have been the target of a scam.

Scammers use any means to obtain your personal information including but not limited to fake emails, pop-up ads, texts and instant messages, and even phone calls. They will try to trick you into sharing personal information, such as your Skywards ID password or credit card information. Here are some helpful tips on how you can protect your account and avoid scams.

Protect your Skywards ID

Never share your Skywards ID password with anyone. Emirates will never ask you for this as part of our validation process or when providing support. If you believe that your Skywards ID has been compromised, we encourage you to change your password immediately.

If you get a suspicious phone call or voicemail

Scammers are able to spoof phone numbers and may use a combination of flattery and threats to pressure you into giving them information and/or money. We encourage you to verify the caller's identity at all times before providing any personal information. If you receive an unsolicited call from someone claiming to be from Emirates, or if in any doubt about the call, please hang up and contact us directly.

If you receive a phishing email or text message

Scammers also try to copy email and text messages including the unauthorized use of corporate logos and formats from legitimate companies in order to trick you into sharing your personal information and passwords. We recommend our customers do not follow links or open attachments in suspicious or unsolicited messages. Should you need to change or update your personal information, contact us directly.

The following signs can help you to identify potential phishing scams:

  • The sender email address or phone number does not match the name of the company that the sender is claiming to be from.
  • Your email address or phone number is different from the one that you provided to that company.
  • The message starts with a generic greeting, such as “Dear customer.” Most legitimate companies will include your name in their messages to you.
  • A link appears to be legitimate but upon clicking takes you to a website URL which does not match the address of the company website.
  • The message looks significantly different from other messages that you may have received from the company.
  • The message requests personal information, such as credit card details or account password.
  • The message is unsolicited and contains an attachment.

Report phishing attempts and other suspicious messages to Emirates

To report a suspicious email claiming to be from Emirates, you can forward the message to us at abuse@emirates.com(Opens your email client). Please include complete header(Opens external link in a new tab) information. Whilst this email address is monitored by Emirates, you may not receive an individual reply to your report beyond an auto-acknowledgement.

Protecting Security Information

Due to the sensitive nature of security information, Emirates provides a method for you to:

1. Obtain PGP

You can obtain a commercial or free trial version of PGP Desktop from PGP Corporation(Opens external link in a new tab). Additionally, GnuPG(Opens external link in a new tab) is available as freeware.

2. Emirates CyberSecurity key

This is our PGP key and it is valid until 31 December 2027

Key ID: E4CF5A99

Key Type: RSA

Expires: 31/12/2027

Key Size: 4096/4096

Fingerprint: D2CB 86B1 4741 1783 9958 F143 457C C2D2 E4CF 5A99

User ID: security@emirates.com

----BEGIN PGP PUBLIC KEY BLOCK----
 
mQINBGRl51cBEADPvx3pF7ry/zCMGuuWi0JaoiNdj3KriSUep/sW65lA7qL0IBGk
5bANBkRLSTRnh8P1R6p08ZS2VRtZJDHlSg0Pu/tUWKdbifV/KzUbc1wWfbvx/oVG
8/gV63iyiR3hOeXLqlJQ75KSp6ncDeQlYI9MQ/4jfjeM7tYgoPaiBIY/NTKiLLoF
zAddt7YNp1qciUzvWbAx8hTijtmTtC9sm6BZ8Za+DYReCgcodV82f1530cmTUSkp
DLhsl3Jxh9jLnWooED3vz1EXQyd3Jq1BfkhqXyOutUsmdHil+yOQAASbHC0tglOM
JFWlixCHFXO0q9KzI8vO29mvCwjd/zNP2xZgLEF/hRQVGwhCJ9YMszOPyzmeIo6R
2acUNob+Nz74T4OYGrzSN/qLqPXxfRmwAUWkRIvXVfXk7+9BRLHlAwF291uo6h6n
rixB4yXwIfwc6AobXOnWsxkQend43jqdwYu1relpVwYOwugaNbKUH3FFm649xHg2
V3lzzGH1Djt3dx6OpHLXK1v+YER1u4I47+L+LvGJWCzMmvLDP+ieyg7s/UkvhedM
H9FCRcvV/VWK+uqULzPtbliTS4SWJ8BsaKItw3WvLIcyZAnRW6wibey/PO6S/u2M
xcFRhR8rMF0i5LrOCaB7pWlFdyVSfXspKVUfiNW0ZUH2yxhp2GjO6tApcQARAQAB
tCRFSyBDU09DIDIwMjMgPHNlY3VyaXR5QGVtaXJhdGVzLmNvbT6JAlQEEwEIAD4W
IQTSy4axR0EXg5lY8UNFfMLS5M9amQUCZGXnVwIbAwUJCLFjlgULCQgHAgYVCgkI
CwIEFgIDAQIeAQIXgAAKCRBFfMLS5M9amQC2EACNs5t4fdj98vV3Tz7LjW8vKIQ/
8OsHlAHkm+urnW5g5LYiXAi0JmZPgn4sb6wvOtr1TNIzrYri5TR2oTc7FvdbUPRn
vRs3Mct2IaNciUnjQtm1G7UpD7wK6oekd+fk3Eq6u+kKPpNOJPO5FLYngPY2a39A
r94QHVM3vfh6/jxmteSJBdGwyV8IBTPpEOjZAk4NY7XHojOXVSf6876eOd192Ly/
5UUDl4+aYyDJsvtx4BpqFDlQmeYFMlmpPiAkNN/qrXpCVzNmbWKgUXK+uZ5o2Big
j71fn3yetCbDSpx3mceHiZ8RHzetK5xOunVV8S2IeHdqq+v6QB55zu795k0Kbmxl
WukAmP8gOXxnoR0bXSmrIPkB/YF6uGssppBY+b5atU6fqRn5F94rdnryXtZnRH+4
iJdK6XRfMKzeeXhFZCppa3kA8G0hFFDBIryK1/cBgzHugTKYIujyjuhQW1PkUoHU
/lD9TN4unHWv8LbmvH7zbRBEwLERSMWxtd+DVuutL1r9hSee4AMDu+xytsWQxeOQ
RHQEdZR0UouK9OogcI0Vpr+421lm7rhT5zkR8aNbQfU0gbEzY1YjvhFWVC8bkfYS
NFxzWqbbg2gg+tsRAHdc3xkFfMUq5PCGsBzB69pm9g6MG0qn+Vi5GUaj6JFvVZnr
v+U5PJoUnbK1lXKKabkCDQRkZedXARAAxYmvyL+SKqq52jZIy6xXJ26vb7sp7CQz
9w5rQCIa0VG4/8RrjhIjjTHCWXqrvr8/gqYh/dS/AOBQxxmNMR1vKtmbd3WK3RIO
mHgik6qil5k0HQCS3Zj6Md3mbZawvwVHp4Yz2bXkdNPqM7mzrb+FCA8BGXFxGVUs
yIZnqwcpJivFXvQfqQg4fcEcB+cg8NJw0B/UXwbUgDHN9b1mxZlcCm+7ylwyFUnD
bgGjyXqjsK53+JEjgwhxdeYOHaq4nM8cxwad92ZgnwNwMTc2Ke2bZ7tMjEyHsMUK
fwzvgUFmuuELF/i/9tyX8YPkx8DXKwb0/oaBx+ej1NTQ4qMtyzbQ+Njsm1nDd4db
4zJmCzS7+Syyj/SLWzF+YsYUg+Gs5rVOigry9zbSJTxBWrvlDy1JQwSJUsEMbMCj
rW2a1LU18S59XZfOiDO75fTTql6qICcFK99mrJEVc8K9i9DOIrCjmMnzmfilx3OE
4AxbOIQJ6c9Qvpb33TS0vIHwNeNw1bQx02p5pQKox+CB92ah9+srnzRPQNoxysue
XrBAG8jeFhBS6TFVwEpywRaxG33udssQPALV6Sx1cx8CXVbdngOuhUYjfxZr+oMZ
szOQoeRp4KnzoYMuoa9r4IX7sS9EncxFX2kzEQbsKr3+CUBbxixCMeiIHs8VzKp6
Ob3jyLVYoIsAEQEAAYkCPAQYAQgAJhYhBNLLhrFHQReDmVjxQ0V8wtLkz1qZBQJk
ZedXAhsMBQkIsWOWAAoJEEV8wtLkz1qZ1ikP/iX7oV2FXmiUVFFM94uxucVJAOhx
BsIzFoHPvNkI35r73hMHz3XzKKdUfKt2hHm5mZhvw7f7V8jgrSIWLR7zQ3jgyiOk
EGs9OChGbZEmBR5ry+JW9paU0cwknDzgfZYaU+1uxZnGfJ5kKUdQBJ/ok+CdYmfo
XShmU72Df9CpbSP/8HUNQ0S0NRh1rHeELkgH9SVEZzU77TfyqtoLB8HSN7n2Q6Ur
I/oyXfI+pYpw7tlBvu5XRXLaKsHXWGyxxagrTt8UxhnwoCqlsv6SGh2isLBdZTwc
XL6b6xRUiN/X2zD0cd1XM0APQ3xBZObgVb+TQ9/4qfnhjuZiquN4GePWevg9PThS
23DNn4Dv0e7QeYYFdZofOf0fd/T0B98Vu1xr2RUFU0iR/E4XWU8f13VgbUNjAMEq
LEBOxe+kJX+QIzHEq3McJZhYGBkZd9qOCW1YS/7XgSJ+9Ap0ZnfL+jscVXBilDK4
zg8ACJrsKpWJZKrhsY2fXh+fVoogvOrMXbRplQvQDdXx63ufFXpJ3WlIFltjwa8A
zZ5B5a9aP2xXlrfwpV2pMrOM9JyNLq7itzSLeAymb35MTxuxp/EoEtPTqvn2mj2e
bbTDACNmvoGa7U6Q7iunQnjbruMq4pupoBCGBWvNL8EnYoVDPefefB8ste147/55
5ylF5ped+iScM18/
=M1te
----END PGP PUBLIC KEY BLOCK----

3. Check our PGP signature on mail messages and documents

Messages which have been legitimately sent by the Emirates CyberSecurity team are always signed with our PGP key. We encourage our customers to verify the signature in order to ensure that any document received has indeed been written by our staff and has not been subject to any changes.

4. Encrypting sensitive information

When sending sensitive security information by email, we encourage our customers to encrypt it.

If you think your Skywards ID has been compromised

Are you concerned that an unauthorized person might have access to your Skywards ID? These steps can help you find out and regain control of your account.

Because our customers can use their Skywards ID for Emirates and its partner products and services, we encourage you to ensure that your Skywards account is as secure as possible. We recommend that our customers do not share password information with anyone. If someone you don’t know or don’t trust can sign in with your Skywards account, your account is not secure.

Here are some reasons why the Skywards account you are using may not be secure:

  • Someone else created a Skywards account on your behalf, or you are using a Skywards account provided to you by your travel agent.
  • You are sharing a Skywards account with family or friends. We remind our customers that your Skywards account is your personal account. If you wish to accrue miles for, or from, family members, you can sign up for Skywards’ “My Family” programme.
  • You do not recognize the Skywards account that is signed in to The Emirates App on your device.
  • You may/have shared your password with someone else intentionally or unintentionally. For example, someone else selected your password for you, you told someone your password, or you might have entered your password on a "phishing" site.
  • You do not have control of the email address or phone number associated with your Skywards account.
  • Your password may be considered weak or has been compromised. You can learn more about weak passwords here(Opens external link in a new tab) and how you should construct a more robust password for your account here(Opens external link in a new tab).

If any of the above sounds familiar , your account may be compromised and we recommend you take the following steps as soon as possible to reset your password and review your account information.

How do I know if my Skywards account was compromised?

Your Skywards account might be compromised if you receive an account notification from Emirates Skywards for a change that you did not make, or if you do not recognize changes to account details. For example:

  • You receive an email or notification stating that your Skywards account was used to sign into a device which you do not recognize or did not sign in to recently (for example, "Your Skywards account was used to sign in to Emirates.com on an unknown PC or from an unknown location").
  • You receive a confirmation email from Emirates stating that your Skywards account password was changed, or your account information was updated, but you do not recall making such changes.
  • You see Skywards miles deducted for purchases or redemptions that you did not make.
  • Your password no longer works, or it might have been changed or locked.
  • You do not recognize some or all of your account details.

If you receive an email that you are not sure is valid or you think may be a fraudulent "phishing" email, here are some helpful tips that can help you determine its legitimacy.

How can I gain control of my Skywards account?

If you believe that your Skywards account has been compromised, you can use these steps to gain control of it and review your account information:

  1. Sign in to your Skywards account page. If you are unable sign in or you receive a message that the account is locked when you try to sign in, try to reset or unlock your account. If you are still unable to sign in, you can contact the Skywards team.
  2. Change your Skywards account password and choose a strong password.
  3. Review all the personal and security related information in your account. Update any information that is incorrect or that you do not recognize, including:
  4. Check with your email address provider to make sure that you control every email address associated with your Skywards account. If you do not recognize and control the email addresses associated with the Skywards account, we recommend that you should change the password for the email address or use a different email address.

If you have completed the steps above but still have reason to believe your account is still compromised, you can contact the Emirates contact center.