Cybercriminals are using more creative and convincing tactics to steal your United login credentials and access accounts, enabling them to reroute direct deposits or compromise health and wellness benefits.
Protect your accounts [Link]

Scammers are getting more creative in their attempts to access Your login information for YBR, via Flying Together
Your login credentials are a target for cybercriminals aiming to access your health and wellness benefits accounts.

Cybercriminals use deceptive tactics like fake Flying Together pages, phishing emails and smishing texts, and phone calls to gain access to your information, posing a serious risk to your financial security. Recently, some messages have been sent to employees’ personal email accounts directing them to a fake Flying Together login page disguised as access to Your Benefits Resources (YBR).

Staying secure

If you mistakenly share your login credentials (e.g., uID and password), cybercriminals can gain access to your United accounts. This may allow them access to Flying Together as well as exploit connected systems to other platforms within United, like health and wellness benefit accounts, which may require different login credentials.

They’re also using other tactics to gain access:

• Fraudulent Calls: Scammers pose as United’s fraud department, tricking retirees into sharing personal information.
• Fake Duo Requests: Attackers send Duo push notifications, hoping employees will approve them unknowingly.
• Phishing Personal Email Accounts: Messages may claim to provide access to YBR or suggest urgent benefit updates, directing you to a fake login page designed to steal your credentials.

What to do if you receive a suspicious email to your personal inbox

If a message referencing Flying Together, YBR, or United appears in your personal email:

• Report the phishing attempt immediately by forwarding it to protect@united.com.
• Do not click any links and do not enter your credentials.
• Avoid opening attachments in the suspicious message.
• Delete the email after reporting it.

If you clicked a link and entered your United credentials:

• Change your Flying Together password immediately.
• If you use the same password for your Alight accounts, contact the United Airlines Benefit Center at 1‑800‑651‑1007 to connect with an Alight representative.

Proactive tips to help you stay cyber safe

• Bookmark the official Flying Together Website: Always enter https://ft.ual.com manually in your browser. Beware of fake sites like ftual.es/unitedairline that change and pop up every day.
• Verify Fraud-Related Calls: United will never ask for your password or Duo approval over the phone. Hang up and report suspicious calls to protect@united.com.
• Be Wary of Unexpected Duo Prompts: If you receive a Duo request you didn’t initiate, do not approve it, report it immediately to protect@united.com.
• Watch for Phishing & Smishing Scams: Avoid clicking links in unexpected emails or texts.

Report Suspicious Activity
Forward questionable emails, texts or login requests to protect@united.com. These measures will help protect your direct deposit information from unauthorized changes.

Thank you for your commitment to keeping United cyber safe!