Accessibility informationSkip to the main content
Customers
  • If you believe that your customer account (or Skywards ID) on Emirates.com has been compromised through phishing or if you have any concern regarding the integrity of your account, we recommend that you sign in to the Skywards page and change your password immediately.
  • If you have forgotten your Skywards ID password, you can learn how to reset it here
  • If you receive what you believe to be a phishing message claiming to be from Emirates airline, or other entities of The Emirates Group, you can consult The Emirates Group phishing information page and report it.
  • If you are asked to use our one-time passcode service to recover your Emirates Skywards account, learn how to do so from our FAQs.

Privacy

You can read about our Privacy Policy and how we safeguard your personal information.

If you have a concern about the security of your account, you can contact an Emirates call center or speak to us online.

Security and privacy researchers

To report security or privacy issues affecting The Emirates Group products or web servers, you can contact security@emirates.com(Opens your email client). You can also use The Emirates Group's CyberSecurity PGP key to encrypt sensitive information that you send by email. When we receive your email, we send an automatic email acknowledgment. If you do not receive this email, please check the email address and send again. We will respond via this secure channel if we require additional information to investigate a security issue.

For the protection of our customers, The Emirates Group generally does not disclose, discuss, or confirm security issues until a full investigation has been completed and any necessary patches or fixes are available.

Notifications published by The Emirates Group CyberSecurity are signed with The Emirates Group CyberSecurity PGP key. We encourage our customers to verify the signature in order to ensure that any document received has indeed been written by our staff and has not been subject to any changes.

The Emirates Group credits researchers who have reported security issues on The Emirates Group's web servers on The Emirates Group Web Server Notifications page.

Law enforcement

The Emirates Group handles government information requests in accordance with local laws within the countries in which it operates. You can contact GSLEPI@emirates.com(Opens your email client) if you are a law enforcement agency.

Media
Avoid phishing emails, ‘free ticket scams’, ‘fraudulent invoices’, phony travel agent calls, and other scams

Use these tips to avoid scams and learn what to do if you think your Skywards ID has been compromised.

If you receive an email or someone claiming to be from Emirates calls and asks for your account name and password, then it’s likely you have been the target of a scam.

Scammers use any means to obtain your personal information including but not limited to fake emails, pop-up ads, texts and instant messages, and even phone calls. They will try to trick you into sharing personal information, such as your Skywards ID password or credit card information. Here are some helpful tips on how you can protect your account and avoid scams.

Protect your Skywards ID

Never share your Skywards ID password with anyone. Emirates will never ask you for this as part of our validation process or when providing support. If you believe that your Skywards ID has been compromised, we encourage you to change your password immediately.

If you get a suspicious phone call or voicemail

Scammers are able to spoof phone numbers and may use a combination of flattery and threats to pressure you into giving them information and/or money. We encourage you to verify the caller's identity at all times before providing any personal information. If you receive an unsolicited call from someone claiming to be from Emirates, or if in any doubt about the call, please hang up and contact us directly.

If you receive a phishing email or text message

Scammers also try to copy email and text messages including the unauthorized use of corporate logos and formats from legitimate companies in order to trick you into sharing your personal information and passwords. We recommend our customers do not follow links or open attachments in suspicious or unsolicited messages. Should you need to change or update your personal information, contact us directly.

The following signs can help you to identify potential phishing scams:

  • The sender email address or phone number does not match the name of the company that the sender is claiming to be from.
  • Your email address or phone number is different from the one that you provided to that company.
  • The message starts with a generic greeting, such as “Dear customer.” Most legitimate companies will include your name in their messages to you.
  • A link appears to be legitimate but upon clicking takes you to a website URL which does not match the address of the company website.
  • The message looks significantly different from other messages that you may have received from the company.
  • The message requests personal information, such as credit card details or account password.
  • The message is unsolicited and contains an attachment.

Report phishing attempts and other suspicious messages to Emirates

To report a suspicious email claiming to be from Emirates, you can forward the message to us at abuse@emirates.com(Opens your email client). Please include complete header(Opens external link in a new tab) information. While this email address is monitored by Emirates, you may not receive an individual reply to your report beyond an auto-acknowledgement.

Protecting Security Information

Due to the sensitive nature of security information, Emirates provides a method for you to:

1. Obtain PGP

You can obtain a commercial or free trial version of PGP Desktop from PGP Corporation(Opens external link in a new tab). Additionally, GnuPG(Opens external link in a new tab) is available as freeware.

2. Emirates CyberSecurity key

This is our PGP key and it is valid until Jan 12, 2025

Key ID: 8E56617F

Key Type: RSA

Expires: 01/13/2025

Key Size: 4096/4096

Fingerprint: AC60 79A5 44C5 67B4 1C9C A7ED 4BC6 07E3 8E56 617F

User ID: security@emirates.com

-----BEGIN PGP PUBLIC KEY BLOCK-----
 
mQINBF/+3TkBEADHEltqtuDsEhyt3X74Gba/xDW9uhYGQfFNASisEjkUEqU/oC6P
r58kHrqNVp0zY57k8+YjkTAjgteB4EV5wjM6ApgyysfPpRarBSaZ8dkwgEW0jZs0
ENz/2kz741kZIGTWiJiJtVu6oY5Z0iaL0j6eHNeTQjSW5K2NQa7QXPWqtuWLEd39
YetynVrRCQjHV3KWTXpc7hl4u2EpopYtDsT1alw/Zc+EHBN4pjNz7fxccSWa4s9j
nYu+b8B8Dlbuls+SyfIPYAJGwGRgQNAc3MX97AGJ0VkR4j8vTOCbh3M6gZPQl52L
hHgEDzJzrz8JKZgugKaP9dWm1O+wUFe1QjQrwoUt49c1QcQtvVWibIYmsM8Lk0rZ
IBFMUXO0/E15e4+pPMH8x7yxxHgw/HrfdAj5JOiYwfB/JJuMlI40uiiNu0SimW+v
b5PmkrF1xfjBuHIUsvp6piKk1ZdlxKXjTAbqHKQ2MvZyRGRDzl9mGA6vcJMyGnwg
IT7PicB4U05jvr8oqkDfiiMxsmqgxr5qgySwBbFIf3+WB4h/zE7MF2t8ewcsLUp1
TUh2F8tojEd9xtJgNPRixS6TK341GEdoyHIzpGWRGrm98G1WcEVj87d0YuPw52u/
Kv7oLuj2dTm139OtHEBp3FyqZBoTwGRrEV33L8lB85Bv10h74FTM61nA8QARAQAB
tDxjc29jQGVtaXJhdGVzLmNvbSAoQ1NPQyBQdWJsaWMgS2V5IFBhaXIpIDxjc29j
QGVtaXJhdGVzLmNvbT6JAlQEEwEIAD4WIQSsYHmlRMVntBycp+1LxgfjjlZhfwUC
X/7dOQIbAwUJB4YfQQULCQgHAgYVCgkICwIEFgIDAQIeAQIXgAAKCRBLxgfjjlZh
f+ufEAC+8d733ICQLSKDRRzAxa79SJb6iQzzzPJHfBKdIXxwgO3rRBK7clzvKrAu
6FRopbuAgJj66kwMwTHUriLn6G+MccIC5PKOc1BIYlqvP/G4+DBDBEW8ZwWxOy7D
Yfb8d5DjjhJ6lb/0UGSB+f5aGQLtJmKowjxRwk3/sUXA0owtSOuFJ/yxEPTRPMu3
avDIhT1QhKpwdCMge82WH4Rut4RVHsUuD4/ciMsoq1dk6a5Y+CBmFFqOny4yqigr
YDZArYjbNRtSlmV2aOTm2/Td9P+Kx8HRHEZHY2ykYbetoOoFtrq9a+m5BkR4v3od
zQ8EHrban8kwW6Gf8avU4dulJcOuOVK9ISmfatV6B8TFraAFyTOC96geL66/eNJR
P76WjV5T7DBk9T01ZTpABMxmeGFFxNIDl+AFo2jAJIBr8Ndz7fAVMAg1WAISH78r
82yB3TJ70lTjmhcAwSCs/5cmlpF1ywO4bu9+nZwi4bqQyhZcLa08f9vP5Zh9h1JF
C4jhSpWyZZYUOVBa6BGqK5YyELzQe1W31+Y2C4ISkm/bNdGEiyDYcJPwGBxFW6Nx
eqTnrThWDdZTizE12aBp0sevo3yC3WLmmuJuKgtHkVRfFKc+0pZMb964m7AGoWWC
KZq9KDahp67O0KOPUurkazBpj3y6EXdEn2GWbQTFXX7+uBRJXbkCDQRf/t05ARAA
3o2KBATjnRRDEBu6sqVI6ACivLSOfOhs/0Z4XRfEa4T9ko4DxqXLdKfdhmmXfKJU
toeK2gVHjtAokg1R2OQ2U+sXACbl3b9R+q3ESDH+9i3ApklnS/7q4OoXHshJ+jAN
Ych8lpCk4eYVEP1fGa5jHi+khDXTz5tKnUQSsrAJDxUM8mpgjQiOp7vPidWGEwZM
4ePZ3MP0B16fFGKQ9uAxBoqrNJnYwrYVjT7w5Nb2LFE54WTfMlJpY3nwTmbZOVQ7
5cn5+KROt0LDTmU9dcnKvuEXRAH4nco3ldfwpkTRHDdlbI9rF4Ajq78+Im/TfOa3
ndDuqV+rukIR8c2uzRvuCJCHEcncc+XgdHRAG11iTK1HsAoyprHHhgNEvdlN/OMr
Z5Z/Vk7jQWon762ctttyG5ndNnPeeAN+ju8bz100rVBZjIWxKB6juPQBoW/RJATw
FodrgfEBnFdjXbf8OOn35y0yoXj/bJ2ZvfLvfasoLiToik7ryZWHl6a0cIhRgNZ8
MbvExr4lZMGhUuplMbCF3wf5dkjmjrP/5pNtAOXt4nCWvQwQMkqReWe1hkWH6gXo
50+11TGWNI07H81ZA0yEGntt+4W4O9ubvZ4XnpB8QcqlO4l/juIXQNV+5lrgDVaJ
XgfJ38vStyJ/cEO/nmValC+f9kIFLhfoLtGl+eo0YTUAEQEAAYkCPAQYAQgAJhYh
BKxgeaVExWe0HJyn7UvGB+OOVmF/BQJf/t05AhsMBQkHhh9BAAoJEEvGB+OOVmF/
9LYP/0w19wP+zuv6+vg6XVUeRlEwsJKCtGw1DFIwgi7LNXtZYTd5xbLuKoyqoyXs
h8DGC+ziRIA4wjo1OV+FnkOgr/OEnzxnOnyJJMBLCaf6hFTK8rPr9wmBTiuIB9IC
AF3au/mfA6DmjWajwio03cer9qlWstJiqYonMXHb89dEtHDi+qq4LaSaEcJw5oXd
D2y2H/2LL7A1sxCAaDIcCUwFYMxwUwwUyrm07WgBfnlJySX9PGP8I4d8v9/Tr3I4
wCUhOo69d2hmvuHyLkG8a2LMc2AEOBw/XeA8CMcy6XDnxsJI1odfeI28kJR2nyzz
ryi78XB0vmhXwxyVHmGmO/PiAG4IXuPgSO2TxXTg8UFJ8ULKFBkQYWegjX4YBy3n
cPZWhXd3L3TpAxouYjdRLnqSHEIL13L1MlwNHOg9KzEHVXea3wpbW/2QNOEezSvw
RbsVFZ38Oyqf319E2dr6S0hw6F2rri0iNeQyM0e4DIiUNHaFtgCG10ga6bYy75Q9
tWY/dpDchXID8IhbQTq7hVk50gQ2X52/K7hFD9ycLE9jLmF5qaI2jjMyJLrf/cX5
0mDFPNQY8bqbxPCJjvoLILvSCOweELe417BOAvx+dQttfHUeNxNpZXLohRifqvL8
0BUOiRFob8/0xuyo1PkuuPb5aUGwlw0+ireD0LG07Urggicw
=oe12
-----END PGP PUBLIC KEY BLOCK-----

3. Check our PGP signature on mail messages and documents

Messages which have been legitimately sent by the Emirates CyberSecurity team are always signed with our PGP key. We encourage our customers to verify the signature in order to ensure that any document received has indeed been written by our staff and has not been subject to any changes.

4. Encrypting sensitive information

When sending sensitive security information by email, we encourage our customers to encrypt it.

If you think your Skywards ID has been compromised

Are you concerned that an unauthorized person might have access to your Skywards ID? These steps can help you find out and regain control of your account.

Because our customers can use their Skywards ID for Emirates and its partner products and services, we encourage you to ensure that your Skywards account is as secure as possible. We recommend that our customers do not share password information with anyone. If someone you don’t know or don’t trust can sign in with your Skywards account, your account is not secure.

Here are some reasons why the Skywards account you are using may not be secure:

  • Someone else created a Skywards account on your behalf, or you are using a Skywards account provided to you by your travel agent.
  • You are sharing a Skywards account with family or friends. We remind our customers that your Skywards account is your personal account. If you wish to accrue miles for, or from, family members, you can sign up for Skywards’ “My Family” program.
  • You do not recognize the Skywards account that is signed in to The Emirates App on your device.
  • You may/have shared your password with someone else intentionally or unintentionally. For example, someone else selected your password for you, you told someone your password, or you might have entered your password on a "phishing" site.
  • You do not have control of the email address or phone number associated with your Skywards account.
  • Your password may be considered weak or has been compromised. You can learn more about weak passwords here(Opens external link in a new tab) and how you should construct a more robust password for your account here(Opens external link in a new tab).

If any of the above sounds familiar , your account may be compromised and we recommend you take the following steps as soon as possible to reset your password and review your account information.

How do I know if my Skywards account was compromised?

Your Skywards account might be compromised if you receive an account notification from Emirates Skywards for a change that you did not make, or if you do not recognize changes to account details. For example:

  • You receive an email or notification stating that your Skywards account was used to sign into a device which you do not recognize or did not sign in to recently (for example, "Your Skywards account was used to sign in to Emirates.com on an unknown PC or from an unknown location").
  • You receive a confirmation email from Emirates stating that your Skywards account password was changed, or your account information was updated, but you do not recall making such changes.
  • You see Skywards miles deducted for purchases or redemptions that you did not make.
  • Your password no longer works, or it might have been changed or locked.
  • You do not recognize some or all of your account details.

If you receive an email that you are not sure is valid or you think may be a fraudulent "phishing" email, here are some helpful tips that can help you determine its legitimacy.

How can I gain control of my Skywards account?

If you believe that your Skywards account has been compromised, you can use these steps to gain control of it and review your account information:

  1. Sign in to your Skywards account page. If you are unable sign in or you receive a message that the account is locked when you try to sign in, try to reset or unlock your account. If you are still unable to sign in, you can contact the Skywards team.
  2. Change your Skywards account password and choose a strong password.
  3. Review all the personal and security related information in your account. Update any information that is incorrect or that you do not recognize, including:
  4. Check with your email address provider to make sure that you control every email address associated with your Skywards account. If you do not recognize and control the email addresses associated with the Skywards account, we recommend that you should change the password for the email address or use a different email address.

If you have completed the steps above but still have reason to believe your account is still compromised, you can contact the Emirates contact center.