Website security guidance

The most common forms of fraud today involve Phishing (emails) or Smishing (texts or social media) to try to trick you into providing personal or other information.

Virgin Atlantic will never ask you for your password or credit card information over email, text message, or via social media.

Never open links or email attachments from someone you don’t know, or if the message is odd or unexpected.   

Criminals lull you into a false sense of security or rely on your defences being down when you’re in the comfort of your own home.  They may appear trustworthy, but they are not who they claim to be.

• A genuine organisation won’t threaten account closure or pressure you into making decisions to get you to do something then and there.
• Always challenge and refuse unusual requests for personal or financial information.  
  
• It’s okay to stop the discussion if you don’t feel in control of it or fully understand the reason for the request.
  

There are many third-party websites that sell our tickets. But just because a third-party website claims to represent Virgin Atlantic Airways, it may not. If you deal with them you risk compromising your personal and financial information.

The only way to be sure you’re doing business with Virgin Atlantic is by going to:
https://www.virginatlantic.com/
https://flywith.virginatlantic.com/
https://flights.virginatlantic.com/
https://help.virginatlantic.com/

Scammers habitually attempt to abuse the trust you place in us by impersonating Virgin Atlantic using illegitimate websites and outlets with the intent of defrauding you. Always check that an agent holds the appropriate IATA, ABTA and ARC accreditation.

Weak passwords can be cracked in seconds. The longer and more unusual your password is, the harder it is for it to be cracked by those looking to do you harm.

The best way to keep yourself protected is to:

• Use strong unique passwords for all online accounts.
• Take particular care with your email accounts, those you use to purchase goods or services, or that contain lots of personal information.
• Avoid the most common passwords that can be easily guessed (like ‘password’).  
• Avoid creating passwords that contain personal information like significant dates, family names, pet names etc.
• Set up 2 factor or multifactor authentication where possible on your important accounts.

When browsing the Internet or logging into sites:

• Make sure the website is secure. A secure site’s address will start with “https”, rather than “http”, and have a padlock icon in the URL field. This indicates the website uses encryption so it can’t be intercepted by others.
• Be alert to links and websites directing you to websites that try to mimic the genuine one but are fakes. These fake sites harvest your personal details. Tell-tale signs on fake sites include spelling and grammar mistakes, incorrect branding and logos, or website addresses that appear suspicious.
• Always verify you are on a genuine Virgin Atlantic website, social media page and that the connection is secure before entering your personal information such as passwords, credit card number or other private information.

By keeping all your internet connected devices updated with the latest software, operating systems and apps you increase your chances of protecting yourself against attacks that often target those with weaker security.

There are many devices on the market, so we recommend you consult the support pages of the manufacturer official sites on how to update yours.

WiFi is a great way to stay connected but public WiFi and hotspots are not always secure and might be accessible by others.

If you’re using a WiFi network that isn’t password-protected or that has a shared password, it’s possible that a criminal could intercept your signal to collect your passwords, credit card information and more. Only use protected WiFi networks with a unique password or your device’s mobile data network, especially if logging into accounts that hold sensitive data.

Your information security is vital to us.  

• Do check your account regularly.  
• If you see unusual account activity or suspect your account has been misused, please change your password immediately, and contact us.

In addition, if you think you’ve been a victim of fraud and have suffered a financial loss, you should contact your local law enforcement agency.