Phishing email from BA.com today? (BA lurkers please read)

Subscribe
I got an email from British Airways Executive Club <[email protected]> this morning asking me to click on a link in order to verify my email address.

the email states "YOU MUST CONFIRM YOUR EMAIL ADDRESS TO BE ABLE TO ACCESS YOUR BA.COM ACCOUNT" as well as "Until you do this, you will not be able to complete any transactions relating to your Executive Club membership"

i have not clicked on it as i will not click on links in an email. I have logged into my BAEC account through my normal means and see no reference to needing to update my email address.

anyone else get this and is it a phishing attempt?
Reply
Quote: I got an email from British Airways Executive Club <[email protected]> this morning asking me to click on a link in order to verify my email address.

the email states "YOU MUST CONFIRM YOUR EMAIL ADDRESS TO BE ABLE TO ACCESS YOUR BA.COM ACCOUNT" as well as "Until you do this, you will not be able to complete any transactions relating to your Executive Club membership"

i have not clicked on it as i will not click on links in an email. I have logged into my BAEC account through my normal means and see no reference to needing to update my email address.

anyone else get this and is it a phishing attempt?
Not got it but you should be able to see where the link is pointing to by hovering over it, or alternatively have a look at the HTML source code and see where it points to. There is a BA fraud department who might be interested in this as well, hopefully a BA staff member will be along shortly with the email address.
Reply
Quote: I got an email from British Airways Executive Club <BA.ExecClub@contact.britishairways.com> this morning asking me to click on a link in order to verify my email address.

the email states "YOU MUST CONFIRM YOUR EMAIL ADDRESS TO BE ABLE TO ACCESS YOUR BA.COM ACCOUNT" as well as "Until you do this, you will not be able to complete any transactions relating to your Executive Club membership"

i have not clicked on it as i will not click on links in an email. I have logged into my BAEC account through my normal means and see no reference to needing to update my email address.

anyone else get this and is it a phishing attempt?
I am not saying this in an official capacity, however, the bolded part of the above e-mail address is indeed a real BA e-mail, I have e-mails from it too that I have kept relating to special offers etc...

So, it would appear to be a genuine e-mail from BA.

I am not sure the reason for the request to confirm the e-mail address on your account though.
Reply
Quote: I am not saying this in an official capacity, however, the bolded part of the above e-mail address is indeed a real BA e-mail, I have e-mails from it too that I have kept relating to special offers etc...

So, it would appear to be a genuine e-mail from BA.

I am not sure the reason for the request to confirm the e-mail address on your account though.
Sadly it is all too easy to fake/spoof where an email has come from and I've had them from people who I've called and have told me they haven't sent them. Had one purporting to be from a Mr William Clinton at the Whitehouse years ago, which I found very odd as until Obama they didn't use email, guess they were banking on not too many people knowing that. I suspect I would have liked my tax refund too not being a US citizen and there not having paid any taxes to be getting back.
Reply
Quote: I am not saying this in an official capacity, however, the bolded part of the above e-mail address is indeed a real BA e-mail, I have e-mails from it too that I have kept relating to special offers etc...

So, it would appear to be a genuine e-mail from BA.

I am not sure the reason for the request to confirm the e-mail address on your account though.
I can't comment on whether it is genuine or not. However my daily haul of phishing emails (most of which give me much amusement - phishing and correct spelling/syntax are mutually exclusive) invariably includes email addresses which are "correct" but hyperlinks pointing somewhere very different.....

Why, for example, does BA need to SHOUT at you?
Reply
Click on the email BUT NOT THE LINK - if your viewing in Thunderbird, click View then message source or just press CTRL + U
Copy and paste in here (remove your email address)
Reply
Quote: So, it would appear to be a genuine e-mail from BA.
These e-mails generally appear to be 'from' a genuine e-mail address but in reality they are sent by somebody else. It's fairly easy to masquerade an e-mail to be from a different address.

Generally fraudulent e-mails will contain a link ('click here', etc.) in the e-mail itself which points to the fraudster's website.

Probably a good idea to not click on any links in the mail and send a copy of the e-mail to BA.
Reply
Ok, sorry... I did not know that.
Reply
If I were to get something like this I wouldn't click on the link but would first call BA to check what they needed from me. If there was a genuine issue then it could be dealt with there and then, or at least I'd know for sure the e-mail was either genuine or fake.
Reply
Yes, these guys are devious so-and-sos.

Even having images display automatically in an e-mail preview can reveal your e-mail address as being genuine, leading to more spam e-mails...
Reply
as was mentioned, spoofing the sent from address is relatively trivial so not a means of validating its true origin.

the underlying link in the text, e.g. the "true" link as opposed to what is written in the text, is legitimately pointing to http://www.britishairways.com/travel/emailvalidate/[remainder removed]

i work in the IT world and this email looks good. but why would BA be asking me to verify my email address and telling me that I can't do anything with my account unless i do? it just smells fishy.

will just hold off for now.

[update] i looked at the headers of the email and it does appear to have been sent from baplc.com which according to a whois search is registered to BA.
Reply
Quote: Even having images display automatically in an e-mail preview can reveal your e-mail address as being genuine, leading to more spam e-mails...
which is exactly why i have my email client to not display remote images (as opposed to images embedded in the email itself) automatically. I must click on "display images" to see them.
Reply
BenSenise - I'm sure you've probably already done this, but have you tried logging into your BA account? If all works OK (as I'd almost bet my life it would) then I think you could say what you've received is spam.

I often get things telling me my account will be closed, I'll be unable to access it, etc, etc. But quite often these come from companies I don't even have an account with!
Reply
Quote: BenSenise - I'm sure you've probably already done this, but have you tried logging into your BA account? If all works OK (as I'd almost bet my life it would) then I think you could say what you've received is spam.

I often get things telling me my account will be closed, I'll be unable to access it, etc, etc. But quite often these come from companies I don't even have an account with!
Quite right srg

I'm fairly certain if BA needed contact info from you that when you log into your exec account it will tell you

ie I think that my email address changed a few years ago, when I logged in there was a mssg telling me to update my details as they had been unable to contact me

cs
Reply
Quote: BenSenise - I'm sure you've probably already done this, but have you tried logging into your BA account?
yes, i logged into my account as i usually do, not through the link in the email. all was well. i'll update this thread if anything else develops.
Reply