Beware Of United Airlines MileagePlus Scam Emails

United Airlines’ MileagePlus program is one of the largest and most popular airline loyalty programs in the world. Unfortunately, scammers are taking advantage of MileagePlus members by sending fake offers for free flights and tricking people into giving up personal information. This article will explain how the scam works, how to spot it, and what to do if you are targeted.

Overview of the Scam

This scam starts with an email sent to MileagePlus members claiming to be from United Airlines. The email states that as a MileagePlus member, you have been selected to receive two free round-trip flights within the continental United States.

To claim the offer, you simply need to complete a short customer satisfaction survey using the link in the email. However, the link actually leads to a fake website impersonating the official United Airlines site. The site asks you to enter personal information and credit card details to verify your identity and claim the free flights.

In reality, United Airlines is not offering any such promotion. The email and website are a scam designed to steal personal and financial information. Any information entered will be collected by scammers who seek to commit identity theft and credit card fraud.

How the Scam Works

Here is a step-by-step overview of how the MileagePlus scam operates:

You receive an email claiming to be from United Airlines. The email is made to look official, containing United Airlines branding and logos. The subject line will say something like “Your MileagePlus Opinion Matters – Get 2 Free Roundtrips.”
The email states you’ve been selected for a customer satisfaction survey. It claims that to thank MileagePlus members for their loyalty, United Airlines is giving away two free round-trip flights within the continental US to those who complete a short survey.
A link is provided to take the survey. The link in the email goes to a website designed to mimic the official United Airlines site. However, the URL will be slightly different, often containing extra words or misspellings.
The site asks for personal and payment information. To claim your “free flights” you are prompted to enter details like your name, MileagePlus number, home address, email address, and credit card information.
Your details are stolen. The website is fake and run by scammers who steal any information you enter. Your personal and financial details will be used for identity theft and fraudulent activities.
You never receive any free flights. United Airlines did not send the email and is not offering any promotion for free flights for taking a survey. The entire thing is a scam designed to gather your private data.

How to Spot This Scam

While the emails and websites used in this scam are designed to look authentic, there are a few red flags that can help you identify and avoid it:

Misspellings/grammatical errors: Scam emails often contain typos, grammar issues, or improperly formatted content.
Suspicious sender address: While the email name may say “United Airlines,” the sender’s email address is likely a random string of characters @ a non-United domain.
Unofficial website URL: The link goes to a website trying to imitate United, but the URL will be slightly altered with extra words.
Request for personal/financial information: United would never ask for your credit card, MileagePlus number, or other private details over email or online surveys.
Too good to be true: Free roundtrip flights within the US is likely too good a reward for just taking a short survey. Offers that look unrealistic are often scams.
No recollection of entering any contest/sweepstakes: You never signed up for or agreed to take any United Airlines customer satisfaction survey.
Poor image quality: Scam emails often use low-quality or altered United Airlines logos and imagery.
Threats or sense of urgency: Scammers try to get you to act fast by saying the offer expires soon or your account is at risk.

What To Do if You Are Targeted

If you receive an email with an offer for free United Airlines flights for completing a survey, do the following:

Do not click any links or open attachments. The link likely leads to a fake, scam website designed to steal your information.
Forward the scam email to United Airlines. Forward the suspicious email to abuse@united.com so United can investigate fraudulent use of their brand.
Report the scam. File a scam report with the FTC at ReportFraud.ftc.gov and notify your local authorities.
Warn others who may be targeted. If you know others who actively use their MileagePlus accounts, make them aware of this scam.
Monitor your accounts. Keep an eye out for any suspicious charges or activity on your credit cards and MileagePlus account. Report unauthorized transactions immediately.
Change passwords. If you did enter any account information into a scam website, change your passwords right away.

What to Do if You Entered Your Information

If you provided any personal or financial details before realizing it was a scam website:

Contact your credit card company. Alert them to possible fraudulent charges or cash advances on your account. Consider cancelling your card and getting a new one reissued.
Place a fraud alert. Contact one of the three credit reporting bureaus to place an initial 90-day fraud alert on your credit file. This makes it harder for scammers to open new accounts in your name.
Monitor your credit reports. Order a free copy of your credit report from each of the three bureaus and look for any accounts or inquiries you don’t recognize. Report any suspicious activity.
Change online account passwords. Update the passwords for your email, MileagePlus account, and any other online accounts to prevent scammers from accessing them.
Review MileagePlus account activity. Check your United account for any upcoming award travel you did not book yourself and contact United Airlines.
Consider an identity theft protection service. Sign up for an ID theft protection service that will monitor your credit and alert you of any suspicious activity.

Conclusion & Key Tips

The MileagePlus survey scam is a deceptive attempt to access customers’ personal information under the guise of a fake flight promotion. Stay vigilant against phishing scams by looking for warning signs like suspicious links and requests for sensitive information over email. Never provide credit card details, account numbers, or other personal info to unverified sources.

With scam awareness and good cybersecurity habits, you can avoid surrendering your private data to scammers seeking to profit off identity theft. Be cautious when reviewing unsolicited offers and do your research before providing information. Together we can dismantle these criminal operations by being informed consumers and reporting suspected fraud.

Key Tips to Avoid This Scam:

Never click direct links in unexpected emails – type the official site URL directly into your browser.
Don’t trust exciting offers requiring personal/financial details over email.
Look for grammatical errors, fake addresses, and “too good to be true” pitches.
Don’t give out your MileagePlus, credit card, or other sensitive information via online forms.
Report scam emails to United Airlines and organizations like the FTC to help warn others.

Frequently Asked Questions

Q: What is the MileagePlus survey scam?

A: This is a phishing scam where MileagePlus members receive fake emails offering free flights to take a customer satisfaction survey, but it’s really a ploy to steal account and credit card details.

Q: How do I tell if an email from United Airlines is fake?

A: Check for spelling/grammar issues, suspicious sender addresses, altered logos, urgent threats if you don’t act fast, and unrealistic offers like free flights for doing a survey.

Q: Can this scam really get my free flight miles?

A: No, it is not actually affiliated with United Airlines or the MileagePlus program in any way. The scammers cannot directly access or redeem your earned miles.

Q: I entered my information into the website. What should I do now?

A: Immediately contact your credit card company and place a fraud alert. Monitor your credit closely and change any passwords that may be compromised. Review your MileagePlus activity for any unauthorized bookings.

Q: Why does United Airlines allow this scam to happen?

A: United does not allow or endorse this scam at all. Scammers are illegally misusing the United and MileagePlus names without permission. Make sure to report the scam to United Airlines.

Q: How can I avoid falling for the MileagePlus survey scam in the future?

A: Be wary of unsolicited emails with links and attachments. Look for obvious red flags like grammar/spelling issues, urgency cues, and requests for sensitive data. Verify legitimacy before providing any personal or financial details.

10 Rules to Avoid Online Scams

Here are 10 practical safety rules to help you avoid malware, online shopping scams, crypto scams, and other online fraud. Each tip includes a quick “if you already got hit” action.

Stop and verify before you click, log in, download, or pay.

Most scams win by creating urgency. Verify using a trusted method: type the website address yourself, use the official app, or call a known number (not the one in the message).

If you already clicked: close the page, do not enter passwords, and run a malware scan.
Keep your operating system, browser, and apps updated.

Updates patch security holes used by malware and malicious ads. Turn on automatic updates where possible.

If you saw a scary “update now” pop-up: close it and update only through your device settings or the official app store.
Use layered protection: antivirus plus an ad blocker.

Antivirus helps block malware. An ad blocker reduces scam redirects, phishing pages, and malvertising.

If your browser is acting weird: remove unknown extensions, reset the browser, then run a full scan.
Install apps, software, and extensions only from official sources.

Avoid cracked software, “keygens,” and random downloads. During installs, choose Custom/Advanced and decline bundled offers you do not recognize.

If you already installed something suspicious: uninstall it, restart, and scan again.
Treat links and attachments as untrusted by default.

Phishing often impersonates delivery services, banks, and popular brands. If it is unexpected, do not open attachments or log in through the message.

If you entered credentials: change the password immediately and enable 2FA.
Shop safely: research the store, then pay with protection.

Be cautious with brand-new stores, “closing sale” stories, and prices that make no sense. Prefer credit cards or PayPal for dispute options. Avoid wire transfers, gift cards, and crypto payments.

If you already paid: contact your card issuer or PayPal quickly to dispute the transaction.
Crypto rule: never pay a “fee” to withdraw or recover money.

Common patterns include fake profits, then “tax,” “gas,” or “verification” fees. Another is a “recovery agent” who demands upfront crypto.

If you already sent crypto: stop paying, save evidence (wallet addresses, TXIDs, chats), and report the scam to the platform used.
Secure your accounts with unique passwords and 2FA (start with email).

Use a password manager and unique passwords for every account. Enable 2FA using an authenticator app when possible.

If you suspect an account takeover: change passwords, sign out of all devices, and review recent logins and recovery settings.
Back up important files and keep one backup offline.

Backups protect you from ransomware and device failure. Keep at least one backup on an external drive that is not always connected.

If you suspect infection: do not connect backup drives until the system is clean.
If you think you are a victim: stop losses, document evidence, and escalate fast.

Move quickly. Speed matters for disputes, account recovery, and limiting damage.
- Stop payments and contact: do not send more money or respond to the scammer.
- Call your bank or card issuer: block transactions, replace the card if needed, and start a dispute or chargeback.
- Secure your email first: change the email password, enable 2FA, and remove unfamiliar recovery options.
- Secure other accounts: change passwords, enable 2FA, and log out of all sessions.
- Scan your device: remove suspicious apps or extensions, then run a full malware scan.
- Save evidence: screenshots, emails, order pages, tracking pages, wallet addresses, TXIDs, and chat logs.
- Report it: to the payment provider, marketplace, social platform, exchange, or wallet service involved.

These rules are intentionally simple. Most online losses happen when decisions are rushed. Slow down, verify independently, and use payment methods and account controls that give you recourse.