Keeping you safe online

At Qantas Frequent Flyer, we take your security and privacy very seriously. As part of our commitment to keeping our members safe online, we’ve introduced world-class security technologies and simple steps you can take to protect yourself online.


  Up your online safety with a strong password

Passwords and PINs protect your personal information against unauthorised access. That’s why it’s so important to use strong combinations of letters, symbols and numbers to protect your privacy.


Password dos

Passwords and PINs should be kept secret, difficult to guess and be more than 10 characters long. You should also use a mix of upper and lower case letters, numbers and symbols. Also, try creating a unique password for each site to help protect your accounts in case your password is compromised.


Password don’ts

Did you know that criminals use automated software that can guess thousands of passwords per minute? That’s why it’s important that you don’t use recognisable words or names in any language, repeated characters, personal information and anything you have previously used.


Make it memorable

A great way to remember your password is to think of a phrase and then change some of the characters to make it a strong password. For example: 'I like Australian red wine' can be modified to Ilike0zzieR3dwine. For more tips on remembering strong passwords, visit


The perfect PIN

Just like passwords, PINs need to be strong and unique to you. PINs should be a random mix of numbers, letters and characters. You should avoid using obvious patterns like 1234, postcodes, birthdays or other significant dates and numbers.


Use a password manager

Remembering all of your passwords or PINs can be tricky. That’s why installing a password manager could be an option. This handy piece of software generates and remembers secure passwords. However, one disadvantage is that if the password manager is breached, all your information is accessible.


What if your password is compromised?

The first step is to change your password for all sites or accounts where you use that password. Depending on the circumstances, you may also need to contact your financial institution or other services. If you believe your personal information has been put at risk, you can contact IDCare on 1300 432 273 or via for support.



Qantas Points are valuable, and we have noticed a rise in the number of attempts by cyber-fraudsters to access Qantas Frequent Flyer accounts. As part of our commitment to protecting the data of our members, Qantas Loyalty is phasing in a Second Factor Identification Process - more commonly known as two-step verification.


How two-step verification works

Two-step verification offers you an extra level of security, by helping to ensure your account isn’t accessed without your authority. You may be asked to provide a one-off, randomly-generated secure code when you login to your account. This will be sent to the mobile phone number you have registered with us, so please make sure all your details are up to date. Alternately, you can answer three out of four security questions.


What can I do to keep my account secure?

All Frequent Flyers, are asked to be extra vigilant when it comes to online security. You can help protect your account and Qantas Points by following these guidelines:

  • If we suspect fraud, we will attempt to contact you immediately. Please ensure that the personal information, contact details and the answers to your security questions we have on record for you are all correct and up to date.
  • Find a clever way to memorise your Qantas Frequent Flyer PIN, always keep it safe and change it regularly.
  • Always log-out after you’ve logged in to Your Account - especially if you’re on a shared or public device.


Phishing is when scammers deliberately create an email designed to trick you into sharing your security and personal information - this can include information that could give them access to your Qantas Points.

Incidents of phishing are on the increase and are becoming more sophisticated and targeted. They may even appear to be from a company such as Qantas or Qantas Frequent Flyer, and could use your name, along with logos and disclaimers that look familiar. So pause before opening every email and stay safe with our top tips.


Tip 1: Stop before you click and think Suspect, Search, Ignore!

Suspect - the scammers’ strategy is to create emails that appear to come from those we trust.

Search - a quick web search usually reveals whether it’s authentic or a trick.

Ignore - do not click on or respond to anything suspicious.


Tip 2: Look for the signs it’s a trick

  • Is the email address it’s from genuine?
  • Is the website they’re sending you to genuine?
  • Is the company’s logo genuine?
  • Does it contain poor grammar or spelling errors?
  • Has it no content except for a hyperlink?
  • Has it asked for any personal details?
  • Has it asked for details the authentic company never asks for, such as PINs, passwords and bank account details?

Tip 3: Be prepared for cyber-attack

Be secure by making sure your computer’s firewall, anti-spyware and anti-virus software is kept up to date. Stay alert, to steal from you, scammers pretend to be those you trust.

For more information, go to, which provides online guides and information to protect yourself and your computer from cyber security threats.


Tip 4: Qantas and Qantas Frequent Flyer Red Flags

  • Qantas will never ask for details including bank account, credit card, PIN or passwords on email or surveys.
  • Be aware of email domains with additional numbers or variations. Genuine e-mails will always come from an e-mail address ending in,, and such as the address

A fake email address could look like this:


If you think your personal Qantas Frequent Flyer details have been compromised then call the Qantas Service Centre on 13 11 31.


  Here are our five top tips for keeping your account safe

  1. Find a clever way to commit your Qantas Frequent Flyer PIN to memory

  2. Always keep your PIN safe

  3. Always log-out after a session, especially on a shared or public device

  4. Ensure your details including your email address, home address, mobile phone and security questions are up to date and valid

  5. Regularly change your PIN.