September 3, 2014 Leave a comment
Quick post this afternoon based on a semi regular security email I send out to all users at work.
Both at home and at work, we often see companies sending out email surveys, often with enticements like coupons, entries in draws etc.
It is often extremely hard to tell if these are legitimate.
Here are 2 I’ve recently received
Now we know that the very first thing to do when we are trying to find out if an email is from a legitimate source is check the FROM address.
(Of course we always keep in mind that FROM addresses can be spoofed, right?)
Here are the 2 FROM addresses for the above emails
Can you tell which is legitimate? Knowing that emails from Walmart or Telus should have a @ walmart.com or @ telus.com (same origin emails) doesn’t help in the case of many legitimate surveys. As stated in the Telus email, companies often contract survey work out to companies who specialize in this kind of thing.
Neither of the above is from same origin but there are some clues in the emails themselves that hint which is legitimate and which is not.
- One says you’ve WON!* something, the other says you’ll be entered for a chance to win. Guess which is more likely to be legitimate.
- One only offers links to click, the other offers a copy and paste option. Copy and paste allows you to see where the link actually goes. (of course we all hover over links to see where they point always in any case right?)
- We actually -are- a client of Telus. We/I don’t have any Walmart association (ask yourself “how did they get my email”)
So yes, the Telus email is legitimate. The Walmart one points to a malware exploit.
My advice is to ignore and delete survey requests from all senders.
*See Rule Of Exclamation Points In Email
Rule Of Exclamation Points In Email
The chances of a email being legitimate is inversely proportional to the number of exclamation marks it contains!!!