As you are aware, fraud cases are increasing day by day with new methods and tools, depending on the use of the Internet and the widespread use of technology. Our Alliance ensures that your use of our official website is safe and that your personal data is protected by all Legal and Technical measures.
However, with various methods of fraud aimed at obtaining your credit card number, password, and access to your banking or other personal information, you may receive messages that direct you to pages that resemble our Alliance website, or through online messaging apps such as WhatsApp (Phishing) or telephone (Vishing), and we would like to inform you that such attempts at fraud are not possible for our Alliance to monitor and prevent, therefore caution must be exercised. This page has been prepared to provide you, our valued passengers, with information about similar fraudulent methods.
Turkish Airlines never requests personal information via email or other forms of online communication. Such e-mails and text messages are sent by scammers.
In such actions, allegedly on behalf of Turkish Airlines, you will usually be informed that you have won a trip, vacation, miles, or other reward and you will be requested to provide your credit card number and/or other personal information.
Turkish Airlines will not request your financial or personal information in this manner, nor will it send gifts through phone promotions or online messaging apps such as WhatsApp. Such calls and messages are intended to gain unauthorized access to your personal and financial information and are intended to be a fraud.
The points listed below can give an idea of whether an e-mail is a phishing mail or not. However, as the responsibility belongs to you as a user, do not open e-mails which you do not recognize, and visit Our Alliance website only by typing our Alliance name into the address bar, not via links from unknown or suspicious e-mail addresses.
According to the relevant legislation, Turkish Airlines does not send any marketing e-mails that you have not signed up for the newsletter subscription. Therefore, if you do not have this type of membership and do not receive an email from Turkish Airlines that you expect, such as transaction information regarding the ticket/reservation you purchased, the incoming e-mail is fake.
Check the email's domain extension information carefully. Incorrect spellings, domains with unusual extensions but with Turkish Airlines brands correctly used, and e-mails with logo usage in electronic mail but with unusual extensions do not belong to Turkish Airlines A.O. and are most likely malicious. URLs such as firstname.lastname@example.org, email@example.com, firstname.lastname@example.org are examples of misspellings that are commonly used in phishing e-mails.
Be careful if there is a link in the e-mail that you are directed to click, as people with fraudulent intentions can access the relevant information when you enter the requested information on the page to which the user is directed. These links must be verified. Do not click on any links that you are not sure of their source. In an e-mail you assume to be from Turkish Airlines if you see an unusual domain name with additional extensions such as www.turkishairlines.com.tr.phi.me instead of www.turkishairlines.com/example or with a misspelling etc., this email has not been sent by our Alliance and the website you are directed to does not belong to Turkish Airlines. Do not click on these types of links and when you want to visit the Turkish Airlines website, type the name of our Alliance into the address bar and search.
Those who want to access your personal and financial data start by creating a fake website that looks similar to the Turkish Airlines website. As a result, websites in the phishing e-mails may look like Turkish Airlines applications or websites in terms of the brand(s) used, photos, type character, and general appearance. The purpose of this is to make you believe that you are transacting on the Turkish Airlines website, so that you can provide the requested information without hesitation and they can get your information. The domains to which you are directed do not belong to our Alliance but belong to these people. Therefore, if you clicked the link in any e-mail, please double-check the website and domain name on the address bar of the page that opens when you click it, and close the website and delete the e-mail if you detect any misuse.
To determine whether the connection is secure, ensure that the https:// is at the beginning of the web address.
Pay attention to the content of the web address you are connecting to.