Valid Corporate Email Or Phishing Email?
Tuesday, November 30, 2010
Late in October, I visited online the Breyers Ice Cream website and submitted comments online about one of their ice cream products. The comments and feedback I submitted are not important. What is important are the two email messages I received since then. The first email message arrived on November 12 and the second on November 19:
"From: Judy Brown ([email protected])
Subject: Breyer's would like your feedback!
Date: Nov 19, 2010 9:01 AM
Your opinion matters to us. It is not only important to Breyer's that you think of us as providing the highest quality products, but also as delivering the very best customer service. We are looking for your feedback on the latest ways that people communicate with each other and the companies whose products they purchase.
It should only take a few minutes of your time and the results will be used by Breyer's to ensure we are meeting our customers needs in every possible way. Please click on the link below to take part in this important and timely study.
Thanks in advance for your feedback. If you would like to remove your name from this list, please send an email to [email protected] with Remove in the subject or email. Please do not reply to this email. This mailbox is not monitored and you will not receive a response. If you have questions or concerns regarding a Breyer's product, please contact them directly."
At first I was tempted to click on the link since this message arrived soon after I had visited the company's website. But something didn't seem quite right with this email message. I began to wonder if it was a valid corporate email or a fake.
It seems to me that a valid corporate email should contain the company representative's name, title, address, and phone number. The message also should contain the corporate phone number for questions or feedback. This message didn't, so I started to believe this was a phishing email.
I did not recognize the vovici.com website domain in the link destination. Nor did I recognize the tcfcr.com domain name in the sender's email address. Both are different from Breyer's website address. This added to my suspicions that the email was a phishing email.
I do realize that companies often hire public realtions agencies to operate their social media webistes, and to process questions from both consumers and news media reporters. If so, email messages should clearly identified the agency hired, the agency's name, and a contact at the company to confirm the relationship. This message didn't contain any of that either.
Much later, I performed a Google search on tcfcr.com and learned that it is indeed a real company: The Center For Client Retention. I checked Snopes.com to see if it reported anything about the above email as a phishing email or hoax. Snopes didn't say anything about it, but there have been several phishing emails disguised as surveys.
Consumers should not have to go to these lengths to verify a company's email message as genuine or a fake. The sender's email address domain name should match the link destination for the survey, and both should match the company's website address.
In my situation, if the above email message was a follow-up or reply to my prior submission, it should have acknowledged it. Plus, Breyers already has my feedback about one of their products. I am looking for an answer from Breyers, not another web link to provide more feedback.
In the end, I concluded that the above email message was a phishing message intended to trick me (or any other consumer) into revealing sensitive personal information. If this was a valid corporate email, then it was a very sloppy online and poor execution. I wonder if executives at Breyers are aware of it? Do they care?
What do you think? Was this a valid corporate email or a phishing email?
I think you are a wee bit paranoid. That was clearly just a survey sent out by a third party (Vovici is a consumer research survey company).
You are entitled to your opinion as to whether or not it was poorly executed. You are also entitled to exercise free choice as to whether or not you wish to participate in a survey and provide your opinions and demographic information. But, neither of those opinions should lead you to conclude that this email is an example of phishing.
Posted by: Christine | Wednesday, December 01, 2010 at 09:30 AM
I had similar suspicions reading it, George, and the steps you took to vet it were the same I would have tried (Snopes is such a reliable site). I would have tried looking at the link in a new window (copy/paste, not click) and then see if the questions made me antsy. I have started surveys and stopped when they asked for information I considered too personal.
R. Michelle Green
Posted by: R. Michelle Green | Wednesday, December 01, 2010 at 02:42 PM