Published on February 10, 2026
Image generated with Ai
Across Australia, a renewed warning has been issued to air travellers as Qantas Airways customers are increasingly targeted by sophisticated phishing scams focused on unused loyalty points and travel credits. A noticeable surge has been observed in fraudulent messages that imitate official airline communications and create a sense of urgency around expiring rewards. These campaigns have been designed to exploit trust in well-known aviation brands while preying on travellers who may not regularly monitor their frequent flyer accounts.
In recent months, phishing scams linked to Qantas loyalty points have been detected across major travel hubs, particularly those associated with Sydney Kingsford Smith Airport operations. Cybersecurity experts across Australia have indicated that these attempts are not random but strategically directed at inactive or infrequent users of airline reward programs. By presenting warnings about points allegedly nearing expiration, recipients are pressured into responding quickly, often without verification.
The situation has drawn attention from national authorities, as loyalty schemes are increasingly treated as valuable digital assets by organised criminal networks. With more than 65,000 phishing cases recorded nationwide in 2025 and losses exceeding tens of millions of dollars, the issue has been framed as a growing threat to Australian consumers and the wider Asia-Pacific travel community.
A growing wave of phishing activity has been reported across Australia, with airline loyalty programs emerging as a preferred target for fraudsters. Messages distributed via text alerts have been crafted to appear credible and urgent, often warning that large volumes of loyalty points are about to expire. These alerts are frequently received by customers who have not recently engaged with their accounts, making the deception harder to detect.
Advertisement
The activity has been closely associated with travel-linked communications tied to Sydney and broader airline operations passing through Sydney Kingsford Smith Airport. Due to the high concentration of frequent flyers based in this region, the airport has been identified as a focal point in the spread of scam messages. Cybersecurity authorities have stated that the urgency embedded in these messages has been intentionally designed to override caution and prompt immediate action.
It has been confirmed by Qantas Airways that awareness of the ongoing scam campaign has been established, and the matter has been reported to relevant authorities in Australia. The airline has acknowledged that fraudulent messages have been carefully styled to replicate official branding, including logos, layouts, and color schemes commonly associated with genuine Qantas communications.
Advertisement
Advertisement
Victims have reportedly been redirected to fake websites that closely resemble legitimate Qantas login pages. Through these sites, personal details, account credentials, and in some cases financial information have been harvested. These methods have been described by analysts as increasingly sophisticated, reflecting a broader shift in cybercrime tactics across the Asia-Pacific region.
The scam messages have often promised luxury rewards such as smartphones, household appliances, or high-value retail vouchers. In many cases, recipients have been warned that thousands of loyalty points would expire within a very short timeframe. This artificial deadline has been used to push customers into responding without independently verifying the source of the message.
Advertisement
Advertisement
Instructions provided within the messages have included replying with a single letter or manually copying a web link into a browser. This approach has been identified as particularly dangerous, as it can bypass built-in security filters on smartphones and messaging platforms. Once the link is accessed, malicious websites are used to collect sensitive information.
According to findings shared by the National Anti-Scam Centre, airline loyalty schemes are now ranked among the most frequently impersonated programs in Australia. Qantas has been placed among the top three loyalty brands targeted by scammers, alongside major telecommunications and retail companies.
This trend has been attributed to the perceived value of loyalty points and the relative ease with which they can be converted into tangible benefits. Fraud prevention specialists have noted that the trust placed in established national brands significantly increases the effectiveness of impersonation campaigns.
Fraud analysts have described airline loyalty points as a form of shadow currency within criminal networks. These points can be exchanged for gift cards, flight bookings, seat upgrades, or other benefits that can then be resold online for cash. Because loyalty accounts are often checked infrequently, theft can remain undetected for extended periods.
A recent industry report cited by The Leader highlighted that stolen points may go unnoticed for weeks or even months, allowing criminals ample time to extract value. This delayed detection has been identified as one of the key factors driving the rise in loyalty-focused fraud across Australia and neighboring Asia-Pacific markets.
While overall airline-related fraud has been reduced through improved detection systems, criminals have been observed shifting toward more personalised attacks. Instead of broad spam campaigns, messages are now tailored to specific customer profiles, including frequent flyers and individuals with dormant loyalty accounts.
In Australia and across the wider Asia-Pacific region, a sharp increase has been recorded in targeted phishing attempts aimed at travellers who may not regularly engage with airline communications. This evolution has made scams harder to identify and has increased the likelihood of successful deception.
Phishing has remained one of the most commonly reported scam types in Australia, according to data from the National Anti-Scam Centre. In 2025, it was ranked as the second most-reported scam category nationwide. More than 65,000 cases were formally recorded, with total financial losses estimated at $31.1 million.
Average losses per victim were calculated at around $2,000, underscoring the significant personal and economic impact of these schemes. Trusted brands such as airlines have been increasingly exploited to convince victims to disclose passwords, banking information, or credit card details.
Authorities across Australia have urged travellers to exercise caution when receiving unexpected messages related to loyalty points or travel credits. It has been advised that links included in unsolicited texts should never be clicked, regardless of how credible they may appear.
Customers have been encouraged to verify account activity only through official airline websites or mobile applications. Any suspected scam activity is recommended to be reported immediately, and precautionary steps such as changing account passwords are advised to reduce further risk.
Qantas has reiterated that requests to confirm personal details or claim rewards are not made through unsolicited text links. By reinforcing these guidelines, the airline and national authorities aim to reduce the effectiveness of phishing campaigns and protect customers across Australia and beyond.
As digital fraud continues to evolve, the targeting of airline loyalty programs has emerged as a significant threat within Australia and the broader Asia-Pacific travel sector. With loyalty points holding real-world value and trusted brands being exploited, vigilance has been emphasized as the primary defense. Through awareness, verification, and prompt reporting, travellers are being encouraged to protect their accounts and reduce the impact of phishing scams that show no signs of slowing down.
Advertisement
Tags: Australia, loyalty points, phishing, qantas, scam
Monday, March 16, 2026
Monday, March 16, 2026
Monday, March 16, 2026
Monday, March 16, 2026
Monday, March 16, 2026
Monday, March 16, 2026
Monday, March 16, 2026
Monday, March 16, 2026
