If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. |
|
|
Thread Tools | Rate Thread | Display Modes |
#1
|
|||
|
|||
Microsoft Rewards?
|
Ads |
#2
|
|||
|
|||
Microsoft Rewards?
"cameo" wrote
|I keep getting this email from | , With something like that you can check whois: https://www.whois.com/whois/microsoftrewards.com That does seem to be Microsoft, assuming you're actually getting it from microsoftrewards.com and any link really does go to microsoftrewards.com. It's a good idea to check the source code to be sure. Personally I wouldn't click on any "hot area" anyway. That will usually involve a web bug or rigged URL to confirm for them that you read the email. I assume they're not offering anything good. It appears that it's basically what might be called "legitimate phishing". https://rewards.microsoft.com/ Maybe you accidentally signed up. Or maybe you've given your email address to MS in some venue and they're spamming you. They invite you to use their products and give them lots of personal information. In exchange you get vaguely defined points that you may be able to redem for "gift cards" or sweepstakes entries or discounts on Microsoft Store apps. So, let them spy on you and you can be entered in a contest. This reminds me of years ago when I had a Citibank credit card and got CitiDollars for using it. I amassed something like $6,000 CitiDollars. But I could only redeem them by buying overpriced stuff: Get this $400 TV for $250 and 300 CitiDollars. The problem was that I could buy the TV in a store for about $250. So the whole thing was actually just a scam. But in a way the CitiDollars were better than Microsoft rewards: At least I didn't have to give them personal marketing info in order to get nothing. |
#3
|
|||
|
|||
Microsoft Rewards?
On Mon, 25 Jun 2018 16:42:16 -0700, cameo
wrote: I keep getting this email from , but the email does not address me by my regular name just by my first name initial. Sounds like some phishing scam, so I don't click on its hot area. Has any of you got it, too? https://www.startpage.com/do/search?...e wards&pl=ff It seems to be a legitimate scheme, though those particular emails may be bogus and spammy. If the scheme interests you, you may be able find it through Microsoft's homepages. Mand. |
#4
|
|||
|
|||
Microsoft Rewards?
In message , cameo
writes: I keep getting this email from , but the email does not address me by my regular name just by my first name initial. Sounds like some phishing scam, so I don't click on its hot area. Has any of you got it, too? From what others have said, sounds like it's legitimate but worthless. The addressing is obviously automated, and derives from somewhere you have filled in your name using only your initials. I don't like being addressed by my first name by someone (especially automated software) I don't know, so nearly always fill in anything that needs a name with just my initials as below, and get a lot of "Dear J" as a result (or sometimes "Dear Jp"). [I haven't received any from microsoftrewards AFAICR.] I'm rather surprised they're using that, as it's a common scammer practice to use hostnames that comprise a well-known name such as Microsoft but with extra characters; if I _had_ received such, I would have assumed it was a scam anyway. (Note use of "comprise" without a following "of".) -- J. P. Gilliver. UMRA: 1960/1985 MB++G()AL-IS-Ch++(p)Ar@T+H+Sh0!:`)DNAf "Eastenders" is like being punched repeatedly in the face for half an hour. - Stephen Mangan, in Radio Times 5-11 May 2012 |
#5
|
|||
|
|||
Microsoft Rewards?
On 06/25/2018 07:52 PM, J. P. Gilliver (John) wrote:
[snip] The addressing is obviously automated, and derives from somewhere you have filled in your name using only your initials. I don't like being addressed by my first name by someone (especially automated software) I don't know, so nearly always fill in anything that needs a name with just my initials as below, and get a lot of "Dear J" as a result (or sometimes "Dear Jp"). [I haven't received any from microsoftrewards AFAICR.] I remember from before the web, when my father would use "H" as a first name, for these things. It was actually the first letter of the dog's name, and the dog could use some new chew toys. Also (OT) One night I was listening to the PBS radio station, and someone I knew called in a donation for "S Lloyd". The announcer thought that was his son, but I knew it was the cat. -- Mark Lloyd http://notstupid.us/ "I can picture in my mind a world without war, a world without hate. And I can picture us attacking that world, because they'd never expect it. " |
#6
|
|||
|
|||
Microsoft Rewards?
cameo wrote:
I keep getting this email from , but the email does not address me by my regular name just by my first name initial. Sounds like some phishing scam, so I don't click on its hot area. Has any of you got it, too? Oh, an e-mail but no evidence of what is shown in the Received, Sender, and other headers of the e-mail and no showing what is *in* the HTML code, like for the A tag of the hyperlink that claims to be pointing at Microsoft. You want others to diagnose an e-mail for which you give nothing to diagnose. View the source of the e-mail. Copy that source which will show headers and the body of the message. Munge out any personal information, like your username in your e-mail address (but not the domain since that is public information, anyway). Do NOT show the rendered HTML for the e-mail as that can be manipulated to lie about where a hyperlink actually points. Show the source of the e-mail which will show to where the A anchor tag points in its href attribute. The Received and other headers will indicate from where an e-mail originates. The *code* for an HTML rendered hyperlink is the only way to know to where a hyperlink points (unless your client pops up an *accurate* description of a hyperlink, but many clients do not and show something other than what is really specified in the href attribute). Bulk mails rarely address you by your specific name unless they are mailmerged mailings. Mailmerge takes more time to modify the content of a template to use as the body of a personalized e-mail. The recipient is already specified but merging that into the body takes time. Whether or not it is a legitimate e-mail from Microsoft or a phish requires seeing what is actually specified in the headers and to where the hyperlinks actually point for the effective URL (not what gets shown in rendered HTML). Not all bulk mailings are personalized; i.e., the same message gets sent to multiple recipients instead of a personalized template sent to each recipient. That I don't get e-mails from Microsoft Rewards doesn't mean Microsoft doesn't operate a rewards program. I don't buy anything from Microsoft's store, so I would have no rewards from them. We don't know what past relationships you've had with Microsoft that might qualify you for participation in their rewards program. https://rewards.microsoft.com/ https://www.microsoft.com/en-us/stor...rosoft-rewards https://support.microsoft.com/en-us/...rewards-points https://support.microsoft.com/en-us/...rewards-points If you want others to diagnose an e-mail to determine it legit or phish, you'll have to provide evidence: the source of the e-mail but with sensitive data munged out or obfuscated. |
#7
|
|||
|
|||
Microsoft Rewards?
J. P. Gilliver (John) wrote:
In message , cameo writes: I keep getting this email from , but the email does not address me by my regular name just by my first name initial. Sounds like some phishing scam, so I don't click on its hot area. Has any of you got it, too? From what others have said, sounds like it's legitimate but worthless. The addressing is obviously automated, and derives from somewhere you have filled in your name using only your initials. I don't like being addressed by my first name by someone (especially automated software) I don't know, so nearly always fill in anything that needs a name with just my initials as below, and get a lot of "Dear J" as a result (or sometimes "Dear Jp"). [I haven't received any from microsoftrewards AFAICR.] I'm rather surprised they're using that, as it's a common scammer practice to use hostnames that comprise a well-known name such as Microsoft but with extra characters; if I _had_ received such, I would have assumed it was a scam anyway. (Note use of "comprise" without a following "of".) The From header is worthless for validating who was the sender of an e-mail. The sender's e-mail client defines the value of the From header, not the sender's mail server. I can put anything I want in the From header. I could send e-mails that look like they came from cameo, you, or anyone else. You need to look at the Received headers to see from where the e-mail originated. Received headers are prepended in the order they pass through mail servers. That is, the first mail server will be the last one listed in the source of an e-mail and the last mail server will be at the top of the headers section. Some Received headers are shown for internal routing within an e-mail provider so they don't comply with the by-clause in one Received header having to match the from-clause in the next Received header. That doesn't identify the sender at that domain but will show if, say, a Microsoft e-mail originated from a Microsoft mail server. However, scammers can spoof a Received header by inserting their own. When they do, it will be the first Received header after the legitimate ones. They're hoping you cannot identify fake Received headers, will trace from a legit one into theirs, and think their e-mail originated from where they said it did. If it is not an internal routing shown in Received headers, the server specified in from-clause from a later Received header should point at the server specified in the by-clause in the just prior Received header. Tracing through Received headers is easy but full of gotchas. Some mail servers will add a Sender header. The client doesn't add this. The sending mail server adds that header. If the client adds it, the server will ignore it to add its own Sender header. That can identify who was the sender at the domain which should match the non-internal (boundary) sending mail server specified in the first Received header. Some e-mails will have SPF or DomainKeys headers that also help identify from where an e-mail originated (the sending mail server, not the account that used that outgoing mail server). Some companies contract others to send their bulk mailings. The problem is the e-mail will show it comes from the bulk mailing service, not from the domain purporting to have sent the e-mail. Comcast does this: they employ someone else (don't remember who) to send bulk mailings on Comcast's behalf. The result is the Received headers show the e-mail did not originate from Comcast. The From header is faked to show Comcast as the sender. The hyperlinks inside the message body often will point to somewhere other than a Comcast registered domain. The cure is to grant authorizing for the bulk mailing service to use Comcast's own SMTP servers to spew out the bulk mails; however, that means letting someone else pass traffic through your SMTP server and usually the point of contracting a bulk mailing service is NOT to impinge that traffic volume upon your mail servers. There are other solutions, like letting the bulk mailer use a domain registered for the purported sender, like letting them use their own SMTP server using something like rewardscomcast.net. While it will look like the e-mail originated from a different domain than Comcast in the Received headers, a whois on the alternate domain would show that Comcast is the registrant. Since there is a Microsoft Rewards program and since the hostname of "email" is at the microsoft.com domain where Microsoft is the registrant for that domain, it is very plausible the OP got a legit e-mail from Microsoft. However, the OP showed us what he saw and it is likely he received an HTML-formatted e-mail. Rare nowadays are senders that send in plain text format. The HTML A tag will have a comment section where whomever composed the HTML-formatted e-mail can specify whatever they want as the comment, which could look like a URL. The href attribute of the A tag specifies where the hyperlink actually points, and that can differ from the comment for the A tag. For example: A href="we-cheat-em-and-how.ru/rogueware/infection-pretense.html" /A has the comment (between the A and /A delimiter tags) pretend the user would be going to Microsoft when, in fact, the href will have them visit some rogueware site that claims the visitor is infected and offer to download and install software to fix the problem (which is actually malware, like ransomware). Without seeing the source of the HTML-formatted e-mail (i.e., the HTML code), there is no way we can tell to where a hyperlink actually points. We're only told where the OP *thinks* the hyperlink points based on the comment for the A tag. The OP wants us to diagnose an e-mail for which no exhibit has been provided for us to diagnose. Saying it came from somewhere based on limited expertise in e-mail headers and HTML code doesn't really give real evidence of where it actually came from or to where the hyperlinks point. |
#8
|
|||
|
|||
Microsoft Rewards?
On 06/25/2018 07:51 PM, Wolf K wrote:
On 2018-06-25 19:42, cameo wrote: I keep getting this email from , but the email does not address me by my regular name just by my first name initial. Sounds like some phishing scam, so I don't click on its hot area. Has any of you got it, too? MS Rewards? ??On the face of it, I'd say, yeah, it's a scam. I can't imagine MS running a rewards program. They do. If you log into MS with a hotmail account (at least I do), on Bing.com, you get a rewards icon with the points total beside your avatar in top right. I have 33,000+ points. Now I'm not using any of them or if I have I've received nothing from the usage. |
#9
|
|||
|
|||
Microsoft Rewards?
Big Al wrote:
On 06/25/2018 07:51 PM, Wolf K wrote: On 2018-06-25 19:42, cameo wrote: I keep getting this email from , but the email does not address me by my regular name just by my first name initial. Sounds like some phishing scam, so I don't click on its hot area. Has any of you got it, too? MS Rewards? ??On the face of it, I'd say, yeah, it's a scam. I can't imagine MS running a rewards program. They do. If you log into MS with a hotmail account (at least I do), on Bing.com, you get a rewards icon with the points total beside your avatar in top right. I have 33,000+ points. Now I'm not using any of them or if I have I've received nothing from the usage. 33000 points ? checks charts That entitles you to one order of Cotton Candy. Come to the Seattle fairground to pick it up. http://www.restaurant-hospitality.co...-503386182.jpg Paul |
#10
|
|||
|
|||
Microsoft Rewards?
Paul wrote:
Big Al wrote: On 06/25/2018 07:51 PM, Wolf K wrote: On 2018-06-25 19:42, cameo wrote: I keep getting this email from , but the email does not address me by my regular name just by my first name initial. Sounds like some phishing scam, so I don't click on its hot area. Has any of you got it, too? MS Rewards? ??On the face of it, I'd say, yeah, it's a scam. I can't imagine MS running a rewards program. They do. If you log into MS with a hotmail account (at least I do), on Bing.com, you get a rewards icon with the points total beside your avatar in top right. I have 33,000+ points. Now I'm not using any of them or if I have I've received nothing from the usage. 33000 points ? checks charts That entitles you to one order of Cotton Candy. Come to the Seattle fairground to pick it up. http://www.restaurant-hospitality.co...-503386182.jpg Paul Actually, there's a suggestion here. https://support.microsoft.com/en-ca/...ds-points-work "Microsoft Rewards points have no cash value. You can typically redeem 5,000 Microsoft Rewards points for about $5 of value on the Microsoft Rewards redeem page. " So you have around $30 worth. If you converted that to Air Miles, it would fly you across the street (about 66 feet). I think the Cotton Candy is a good deal, all things considered. Paul |
#11
|
|||
|
|||
Microsoft Rewards?
"cameo" wrote
| , Interesting review of the whole thing he https://workfromhomejourney.com/is-m...etailed-review Apparently it's been going on for years, but recently it's been combined with XBox rewards, whatever that is. They're basically paying people to use their products (Bing/Edge) and to buy MS Store apps. But the catch is that they don't pay much of anything worth having. |
#12
|
|||
|
|||
Microsoft Rewards?
Big Al wrote:
Wolf K wrote: cameo wrote: I keep getting this email from , but the email does not address me by my regular name just by my first name initial. Sounds like some phishing scam, so I don't click on its hot area. Has any of you got it, too? MS Rewards? ??On the face of it, I'd say, yeah, it's a scam. I can't imagine MS running a rewards program. They do. If you log into MS with a hotmail account (at least I do), on Bing.com, you get a rewards icon with the points total beside your avatar in top right. I have 33,000+ points. Now I'm not using any of them or if I have I've received nothing from the usage. I logged into Hotmail (also have an Outlook.com account). Went to bing.com. Click on the Rewards icon. A window popped up telling me about Microsoft rewards but requires that I join. So just having a Microsoft e-mail account does not enlist you into their rewards program. Have you ever bought anything from Microsoft's store? |
#13
|
|||
|
|||
Microsoft Rewards?
On 06/25/2018 10:31 PM, Paul wrote:
IÂ*thinkÂ*theÂ*CottonÂ*CandyÂ*isÂ*aÂ*goodÂ*deal,Â* allÂ*things considered. Me too! |
#14
|
|||
|
|||
Microsoft Rewards?
On 06/26/2018 01:30 AM, VanguardLH wrote:
Big Al wrote: Wolf K wrote: cameo wrote: I keep getting this email from , but the email does not address me by my regular name just by my first name initial. Sounds like some phishing scam, so I don't click on its hot area. Has any of you got it, too? MS Rewards? ??On the face of it, I'd say, yeah, it's a scam. I can't imagine MS running a rewards program. They do. If you log into MS with a hotmail account (at least I do), on Bing.com, you get a rewards icon with the points total beside your avatar in top right. I have 33,000+ points. Now I'm not using any of them or if I have I've received nothing from the usage. I logged into Hotmail (also have an Outlook.com account). Went to bing.com. Click on the Rewards icon. A window popped up telling me about Microsoft rewards but requires that I join. So just having a Microsoft e-mail account does not enlist you into their rewards program. Have you ever bought anything from Microsoft's store? Never! Odd that a account doesn't show the program. Maybe I joined (it's been so long ago), but that's all I do. |
#15
|
|||
|
|||
Microsoft Rewards?
Mayayana wrote:
"cameo" wrote | , Interesting review of the whole thing he https://workfromhomejourney.com/is-m...etailed-review Apparently it's been going on for years, but recently it's been combined with XBox rewards, whatever that is. They're basically paying people to use their products (Bing/Edge) and to buy MS Store apps. But the catch is that they don't pay much of anything worth having. The crucial words are "Microsoft Rewards basically pays you to browse the web with Bing. You can use any browser that uses the Bing search engine". The more people use Bing, the more ads get viewed. The more people use Bing, the more Bing's status rises together with its power to attract advertisers; paying advertisers, that is". Ed |
Thread Tools | |
Display Modes | Rate This Thread |
|
|