Logged on to my email account this morning and found two messages from AS. The first titled "Your Credit Certificate from Alaska Airlines" told me that there would be a second message containing a PIN to be able to open the certificate. The second one is labeled "PIN for your alaskaaair.com Credit Certificate".
When I opened the message, the credit is for a whopping $0.40. Yup, forty cents.
Both sites look totally legitimate but for forty cents I am not going to open up my account to deposit it. Something is phishy here.
Anyone else get one of these?
There ain't no reins on this horse
That all said, I probably wouldn't bother with any of this over 40 cents (although I would truly doubt a phisher would put out a 40-cent certificate, since most recipients would probably ignore that--they'd be more likely to put an irresistible amount like $100 or something), but a perfectly safe way for you to obtain this credit (if it is valid) would be to open your MyAccount on your own (i.e. not through the link in the email--use http://www.alaskaair.com/myaccount), go to your MyWallet, and choose the option to deposit a gift certificate and enter the code. If you're worried about malicious code in the email doing something nefarious, print the certificate out (or copy/paste the code and PIN into a plain-text Notepad document) and sign in to your account and enter the codes after closing the email. Simply entering a code into your MyWallet--even if it's an invalid one generated by a phisher--won't do anything to give anyone access to your account. The danger is clicking a link in the email and not recognizing that it's a redirect to a nefarious site where you might reveal your login information (or, less commonly, opening an attachment that would compromise your system).