This email does not contain any sketchy links, in fact I think the email doesn't contain any links at all! https://www.flickr.com/groups/olympus-e500/discuss/721576308... (via: alisonkisk)
There's no particular reason to be suspicious of this email, they did everything right.
Very sad that legitimate emails are often so bad that even after researching for 10-15 minutes I cannot be sure if a message is legitimate or not. And I've been working with email professionally (as sysadmin/SRE) for more than 10 years.
Regular email users who are not email experts can either trust all emails or delete most of them. Security trainings which tell you not to open suspicious emails are useless because most emails are suspicious. PayPal, many utility providers, even some big banks send very suspicious emails.
A typical example of fishy but legitimate emails is when a company with the main domain example.com sends emails from a different but similar-looking domain, e.g. example-invoices.com, and: whois is hidden using whois privacy, there is no website on this domain (even if there is - why should I trust it?), infrastructure is completely different from the main domain. In other words, example-invoices.com has nothing in common with example.com. The only way I can think example-invoices.com is legit is that they know some personal data of a recipient, but if you're paranoid you can expect this to come from a breach, which nowadays are common.
This is incredibly common with short-lived projects such as a promotional website, or after downsizing with expert services such as legal/financial/support being awarded on contract.
It's also very common with local subsidiaries of larger companies, where the website is run from HQ, and the local regions have no ability whatsoever to plug into that system.
I do the latter.
Default practice these days should be do not respond to any phone call, text, email etc. if you don't recognize it, and if you have a non-personal relationship to what appears to be the sender, don't answer it unless it's a response to your initial communication.
Communications these days are mostly vans with candy and missing puppies. Based on my spam folder and incoming call records anyway.
After considerable effort educating the non-technically inclined members of the family to check URLs to avoid shenanigans, cue our ISP sending very important confirmation links via SMS (bad enough) pointing to isp-name.onelink.me, amid a particularly active wave of SMS phishing scams earlier this year. One of the top 10 telecom corps worldwide in size and the mf'ers couldn't bother using their own domain.
It's not only marketing. Tons of services allow spoofing the sender's name, and try to convince you they've been sent by actual people.
I luckily don't work for companies that do this regularly but the ones I've seen online before and the one I did have to do, do not give you access to the headers.
While I realize that most non-techies won't know how to do any of that, it's the easiest for any technically inclined person. The first defence is the real email address (which I always have displayed by default anyway), which gets rid of a large swath of them already and the rest are usually pretty clear from some of the other headers. It has never happened to me that something as intriguing as this post's message came in.
Which begs a question: why haven't they "blessed" the messages from external providers that are actually legit? Like with a warning "This message comes from a trusted third party".
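The header checks mentioned in the comment above, as an added example that is not part of the thread: it compares the real From address with the display name, with the domain the reader expects, and with SPF/DKIM results stamped by the reader's own mail server. The sample message, the authserv-id `mx.recipient.example` and the function names are constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample; every domain and the authserv-id are made up.
SAMPLE = '''\
Authentication-Results: mx.recipient.example;
 dkim=pass header.d=example-invoices.com;
 spf=pass smtp.mailfrom=bounce.example-invoices.com
From: "Example Billing <billing@example.com>" <noreply@example-invoices.com>
Subject: Your invoice

See attached.
'''

PASS_RE = re.compile(
    r"\b(?:dkim|spf)=pass\b[^;]*?\b(?:header\.d|smtp\.mailfrom)=([^\s;]+)")

def related(a, b):
    # Simplification: same domain or parent/subdomain. Real DMARC alignment
    # compares organizational domains via the Public Suffix List.
    a, b = a.lower(), b.lower()
    return a == b or a.endswith("." + b) or b.endswith("." + a)

def check_sender(raw, trusted_authserv, expected_domain):
    msg = message_from_string(raw)
    display, addr = parseaddr(msg.get("From", ""))
    from_domain = addr.rpartition("@")[2].lower()
    passed = set()
    for value in msg.get_all("Authentication-Results", []):
        authserv, _, results = value.partition(";")
        if authserv.strip().lower() != trusted_authserv:
            continue  # not stamped by our own MTA, so sender-controlled
        for m in PASS_RE.finditer(results):
            passed.add(m.group(1).rpartition("@")[2].lower())
    findings = []
    if not any(related(d, from_domain) for d in passed):
        findings.append("unauthenticated")
    if not related(from_domain, expected_domain):
        findings.append("unrelated-domain")
    shown = re.search(r"@([\w.-]+)", display)
    if shown and not related(shown.group(1), from_domain):
        findings.append("display-name-mismatch")
    return from_domain, findings

if __name__ == "__main__":
    print(check_sender(SAMPLE, "mx.recipient.example", "example.com"))
```

On the sample, SPF and DKIM both pass for example-invoices.com, which only shows the mail came from that domain; whether that domain belongs to the company behind example.com is exactly what the headers cannot answer.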
When much of this stuff is getting more sophisticated and identical to legitimate emails
Lots of people are suspicious of it, but a few have verified that it's legit. If it somehow is a scam, it's very impressive for someone to be operating it for 5+ years without getting shut down - so yeah, it's almost certainly real.
I was sure that it was some kind of a scam until I logged onto my PayPal account through the mobile app and saw that there were indeed two payments from PayPal for the same sum on the same day.
No idea what sent the stackexchange poster down this paranoid rabbit hole, the email doesn't even contain any links.
The rest get deleted.