Book and Buy Miles

How to protect your MileagePlus account

How to protect your MileagePlus account

We’re dedicated to protecting our customers from fraud and information theft. Learn what steps you can take to help secure your account and keep your personal data safe.

What you should know

What you should know

Get familiar with the most common ways a scammer may try to get your information.

Common types of fraud and scams

Common types of fraud and scams

Search engine fraud

Hackers can manipulate the top results on a search engine and link to a fake website.

Contact center scams

A person may pretend to be a customer representative to get your personal information.

Email hacking

Someone could gain access to your email plus any connected accounts.

Prize fraud

A call or message claiming that you’ve won a sweepstakes, discount or giveaway.

Social media scams

Social media messages promising a reward for sharing or “liking” the message.

Fake invoices

An invoice or bill for a purchase that you never made.

Common types of fraud and scams

Search engine fraud

Hackers can manipulate the top results on a search engine and link to a fake website.

Contact center scams

A person may pretend to be a customer representative to get your personal information.

Email hacking

Someone could gain access to your email plus any connected accounts.

Prize fraud

A call or message claiming that you’ve won a sweepstakes, discount or giveaway.

Social media scams

Social media messages promising a reward for sharing or “liking” the message.

Fake invoices

An invoice or bill for a purchase that you never made.

Phishing attacks

Phishing attacks

Phishing messages seem to come from a familiar person or company. A phishing scammer will ask for sensitive information, usually for an urgent reason. They often appear legitimate by using the company’s logo or branding and may even use the person or company’s real email address. Phishing is one of the most successful types of fraud, so be especially on guard for these attacks.

Our verified channels

Our verified channels

We do not have another official website besides united.com. Be careful not to give any personal information on a website that claims to be associated with us but does not have a verified URL.

We use a Customer Care Center, a Help Center and a MileagePlus Service Center to address customer concerns.

We will never:

Ask for a subscription fee to join MileagePlus®.

Approach you using a non-official phone or email address.

Use a website path that doesn’t connect to the official one, which is united.com.

We will never:

Ask for a subscription fee to join MileagePlus®.

Approach you using a non-official phone or email address.

Use a website path that doesn’t connect to the official one, which is united.com.

  • General contact number: 1-800-864-8331
  • Receipts and other services: 1-800-490-2021

For United phone numbers outside the U.S. and Canada, visit the customer support contact directory.

What you can do

What you can do

Below are basic security tips that can help you to protect your MileagePlus account and any other personal information shared online.

Use a strong password

Use a strong password

Every online account should have a unique password that you change regularly.

Your password should not include:

  • Your name.
  • Any common set of letters or numbers (like “qwerty” or “12345”).
  • Any personal information of yours or a family member (like your birthday, address or phone number).
  • Any password you’ve used before.
 

Be careful on unsecure Wi-Fi networks and websites

Public Wi-Fi networks are not usually password-protected so choose where you connect wisely. If you can, we recommend using your cellular data network instead.

When visiting any website, look for these signs before sharing any private information:

  • You should see https:// as part of the web address before www.
  • Many websites also have a lock icon near the web address to show it’s safe.

Be aware of unknown phone calls and strange emails or messages

As a rule, avoid sharing private information over the phone and opening unfamiliar links or email attachments. If a call or message from someone familiar seems odd or unexpected, check with the person or company to make sure it’s from them. Always verify who you’re communicating with, especially if:

  • The email address or link URL is misspelled or slightly different than the real thing (“united.net” instead of “united.com”).
  • You don’t recognize the email address, or the sender’s name doesn’t match.
  • There is a warning or demand for sensitive information (“Your account will be permanently deleted unless you confirm your password.”).

Organize your information before traveling

Before any trip, take some time to:

  • Check that all your account information is still accurate.
  • Update the software on your computer or mobile device to the latest version.
  • Securely back up your data.

Handling a data leak

Handling a data leak

How to deal with a hacked account

How to deal with a hacked account

If your MileagePlus account was used in any way without your permission, or you get a suspicious message from us, take these steps right away:

  • Change your password and account security questions.
  • Alert us by contacting the MileagePlus Service Center.
  • Check any other email, bank or credit card accounts connected to your MileagePlus account for suspicious activity.
  • Change your password and account security questions.
  • Alert us by contacting the MileagePlus Service Center.
  • Check any other email, bank or credit card accounts connected to your MileagePlus account for suspicious activity.

How to manage and report identity theft

How to manage and report identity theft

If you are a victim of identity theft, the U.S. Federal Trade Commission has resources that can help you respond to and recover from these incidents .

Protecting your MileagePlus account FAQ

Protecting your MileagePlus account FAQ