Email from UA in Mexico City is legit, right?
Oct 16, 2018, 11:17 am
#1
Original Poster
Join Date: Aug 2009
Location: Houston, TX
Programs: Continental OnePass Platinum
Posts: 416
Email from UA in Mexico City is legit, right?
I got an email from a United.com email address, purportedly from the Mexico City office. The gentleman sending the email saw a reservation I have to travel to MEX, but haven't paid for. He said he could ticket it for $50 less per person than the price on the reservation (3 people). He knew my confirmation number and the price. All I have to do is call him and give him my CC info.
It seems legit. And $150 savings is not nothing. I wrote back to him (at the united.com email address) and he responded right away.
BUT... I just hate calling someone in Mexico I don't know and giving him by CC info. Thoughts?
It seems legit. And $150 savings is not nothing. I wrote back to him (at the united.com email address) and he responded right away.
BUT... I just hate calling someone in Mexico I don't know and giving him by CC info. Thoughts?
Oct 16, 2018, 11:21 am
#3
Moderator: United Airlines
Join Date: Jun 2007
Location: SFO
Programs: UA Plat 1.995MM, Hyatt Discoverist, Marriott Plat/LT Gold, Hilton Silver, IHG Plat
Posts: 66,850
I would never respond directly to such an email (let alone provide an CC). Better to call UA via a known good number and handle it with regular agents.
Email headers can be falsified / spoofed.
Try googling the telephone number and see if it matches a known UA telephone number.
Email headers can be falsified / spoofed.
Try googling the telephone number and see if it matches a known UA telephone number.
Oct 16, 2018, 11:29 am
#5
Join Date: Sep 2011
Location: SFO
Programs: AS, UA, WN, IHG Diamond Elite, Hyatt Globalist, Hilton Gold, CET 7*
Posts: 3,299
That's crazy weird, and sounds like spoofing of an email address. I'd call UA right away and escalate this, especially since they have your confirmation # and one would assume, your MP #...
Oct 16, 2018, 11:35 am
#6
Join Date: Mar 2018
Programs: AAdvantage Platinum, Marriott Rewards Platinum Thingy, United MileagePlus Silver, blah on others
Posts: 37
This sounds like phishing to me and someone is trying to get your CC number.
I would NOT call this dude back under any circumstances nor would I contact him again. I'm guessing that you may have some kind of spyware/malware on your computer that enabled this guy to get your info and you were sent a fake email to get you to give him your CC information.
I would NOT call this dude back under any circumstances nor would I contact him again. I'm guessing that you may have some kind of spyware/malware on your computer that enabled this guy to get your info and you were sent a fake email to get you to give him your CC information.
Oct 16, 2018, 11:42 am
#7
Join Date: Oct 2004
Location: Clinging to the edifices of a decadent past from the biggest city in America nobody really cares about.
Programs: (ಠ_ಠ)
Posts: 9,077
I got an email from a United.com email address, purportedly from the Mexico City office. The gentleman sending the email saw a reservation I have to travel to MEX, but haven't paid for. He said he could ticket it for $50 less per person than the price on the reservation (3 people). He knew my confirmation number and the price. All I have to do is call him and give him my CC info.
It seems legit. And $150 savings is not nothing. I wrote back to him (at the united.com email address) and he responded right away.
BUT... I just hate calling someone in Mexico I don't know and giving him by CC info. Thoughts?
It seems legit. And $150 savings is not nothing. I wrote back to him (at the united.com email address) and he responded right away.
BUT... I just hate calling someone in Mexico I don't know and giving him by CC info. Thoughts?
Typically UA's trying to get >>>more<<< from customers through upsells, not less.
You may want to forward a copy of the email to [email protected] with a short explanation. There was a recent incident of a M+ account being compromised here MP locked my account due to "Fraud", Help {caused by UA error, access restored} and prudence suggest it may be wise to change your passwords (or consider a password manager like LastPass / 1Pass / etc.)
Oct 16, 2018, 12:05 pm
#8
Original Poster
Join Date: Aug 2009
Location: Houston, TX
Programs: Continental OnePass Platinum
Posts: 416
Well, it sounds like the consensus is that it fishy, which I agree with. So I won't do anything more. And I'll change my password and keep an eye on my account. Thanks for the response.
Still, call me naive, but I suspect it is legit. Someone mentioned email spoofing. Spoofing typically involves concealing where the message actually originated from, right? I'm no security expert, but I can pretty confidently assert that it is a LOT harder for someone to be able to receive emails at a united.com email address and not be associated with United. Which makes me suspect it's on the up-and-up. Plus, this is a lot of work to go through to get a credit card number. STILL, not worth it to expose myself to the risk, just to save $150.
Still, call me naive, but I suspect it is legit. Someone mentioned email spoofing. Spoofing typically involves concealing where the message actually originated from, right? I'm no security expert, but I can pretty confidently assert that it is a LOT harder for someone to be able to receive emails at a united.com email address and not be associated with United. Which makes me suspect it's on the up-and-up. Plus, this is a lot of work to go through to get a credit card number. STILL, not worth it to expose myself to the risk, just to save $150.
Oct 16, 2018, 12:13 pm
#9
Join Date: Sep 2006
Location: HNL
Programs: UA GS4MM, MR LT Plat, Hilton Gold
Posts: 6,447
I got an email from a United.com email address, purportedly from the Mexico City office. The gentleman sending the email saw a reservation I have to travel to MEX, but haven't paid for. He said he could ticket it for $50 less per person than the price on the reservation (3 people). He knew my confirmation number and the price. All I have to do is call him and give him my CC info.
It seems legit. And $150 savings is not nothing. I wrote back to him (at the united.com email address) and he responded right away.
BUT... I just hate calling someone in Mexico I don't know and giving him by CC info. Thoughts?
It seems legit. And $150 savings is not nothing. I wrote back to him (at the united.com email address) and he responded right away.
BUT... I just hate calling someone in Mexico I don't know and giving him by CC info. Thoughts?
Oct 16, 2018, 12:22 pm
#10
Suspended
Join Date: Aug 2010
Location: DCA
Programs: UA US CO AA DL FL
Posts: 50,262
If you believe that there is a 1% chance that this is legit, simply call UA and reference the email. If someoe in MEX can do it, any UA agent with access to a terminal can do it.
That said, this is close to certainly a fraud.
That said, this is close to certainly a fraud.
Oct 16, 2018, 12:32 pm
#11
FlyerTalk Evangelist
Join Date: Aug 2015
Posts: 11,460
To my reading, there are two likely possibilities. (1) Someone has illegitimate access to your information and is trying to trick you into giving your CC or money in some other form; or (2) someone in MEX with legitimate UA credentials is running an illegitimate side-hustle to arbitrage or otherwise pocket some cash.
Neither one sounds like something I'd want to be involved in.
Neither one sounds like something I'd want to be involved in.
Oct 16, 2018, 12:47 pm
#12
A FlyerTalk Posting Legend
Join Date: Apr 2013
Location: PHX
Programs: AS 75K; UA 1MM; Hyatt Globalist; Marriott LTP; Hilton Diamond (Aspire)
Posts: 56,450
Oct 16, 2018, 1:11 pm
#13
Suspended
Join Date: Aug 2010
Location: DCA
Programs: UA US CO AA DL FL
Posts: 50,262
If anyone here wonders how scammers make any money, they don't need to read further than this thread. The mere fact that someone posts here to ask whether it might be legitimate, given that if one had such a suspicion, UA has published numbers one may call in both the US and Mexico, points to the fact that there are some who would actually return the call here, provide their CC number and wind up spending months getting a new card, cleaning up their ID and hopefully getting their credit back to close to where it was.
Oct 16, 2018, 1:21 pm
#15
Join Date: Jul 2012
Posts: 1,115
So they actually use a @UNITED.com address, and you sent a reply to that @UNITED.com address and they replied from that address? Reminds me of this recent thread, where it turned out to be legitimate.
I'm not ruling out a scam, but using an actual @UNITED.com means either employee or breach*, and it's not part of the 99% of scams that just use spoofed email addresses. I'm assuming all email traffic going through @UNITED.com is logged, so if this is a rogue employee, then it won't last long.
Apply due diligence, confirm the email address on United's website (as they did in the other topic), call to a known and published number and try to get hold of the staff member that way.
*(Ok, technically it could also be DNS poisoning or malware on your end, but if it gets that elaborate, it's usually because they expect to make a lot more money than they could by selling a fake airline ticket).
I'm not ruling out a scam, but using an actual @UNITED.com means either employee or breach*, and it's not part of the 99% of scams that just use spoofed email addresses. I'm assuming all email traffic going through @UNITED.com is logged, so if this is a rogue employee, then it won't last long.
Apply due diligence, confirm the email address on United's website (as they did in the other topic), call to a known and published number and try to get hold of the staff member that way.
*(Ok, technically it could also be DNS poisoning or malware on your end, but if it gets that elaborate, it's usually because they expect to make a lot more money than they could by selling a fake airline ticket).