Muschamp Rd

LinkedIn Phishing Scam?

March 6th, 2013

This morning I got a rather odd email purporting to be from LinkedIn’s Marketing department. It made it through all my filters and the headers look reasonable, but based on the poor formatting of the email and the fact I’ve been on LinkedIn a long time, I don’t think it is completely on the level.

I regularly get contacted by complete strangers who want to link in. Often these people are in other countries: India, the Middle East, even the UK. I generally always refuse as I’ve been treated very poorly by people I trusted in the past and now am slow to trust anyone. These emails all follow the same format. I’ve never believed in linking in with random strangers just to increase the size of your network.

Below is the email I received. I’ve taken to documenting these as others will likely receive the same email. When you get an unexpected email it is wisest not to click any links. If the email appears to be from someone you know, you can phone them and double check, or log in to a social network in a fresh browser and message them that way. Replying to the email will likely put you on a list. The safest course of action is to delete the email. If the email is from a financial institution, especially one you don’t have an account with, it is spam, but most banks have means of reporting these phishing exploits. I’ve reported a few but it is quick for me to just blog and warn others that way.

The damn email is formatted so oddly it doesn’t render correctly. The “LinkedIn Marketing Department” also knows when to use “an” instead of “a”, one would hope. I ended up removing some white space and I added two line breaks.

From ???@??? Wed Mar  6 09:55:47 2013
Return-path: 
Envelope-to: andrew@muschamp.ca
Delivery-date: Wed, 06 Mar 2013 02:15:29 -0500
Received: from [116.6.208.34]
	by www30.yourdnshost.com with esmtp (Exim 4.72)
	(envelope-from )
	id 1UD8ZU-0001Cf-Kt
	for andrew@muschamp.ca; Wed, 06 Mar 2013 02:15:29 -0500
X-Apparently-To:  via 254.244.155.230; Wed, 6 Mar 2013 15:15:27 +0800
Authentication-Results:   from=alerts.linkedin.com; domainkeys=neutral (no sig); 
from=alerts.linkedin.com; dkim=neutral (no sig)
Received: from [100.224.225.211] (port=75640 helo=[192.168.2.09])
	by 116.6.208.34 with asmtp
        id 7PLAUn-21875 
        X-FR; Wed, 6 Mar 2013 15:15:27 +0800
Date: Wed, 6 Mar 2013 15:15:27 +0800
From: neoclassicism8961@e-alerts.linkedin.com
X-Priority: 3 (Normal)
Message-ID: 
To: 
Subject: Reminder about requests
MIME-Version: 1.0
Content-Type: multipart/alternative;
 boundary="----------191828763912065YB"
X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
X-AntiAbuse: Primary Hostname - 
X-AntiAbuse: Original Domain - alerts.linkedin.com
X-AntiAbuse: Sender Address Domain - alerts.linkedin.com
X-BWhitelist: no
X-Source: 
X-Source-Args: 
X-Source-Dir: 
X-Source-Sender: [192.168.9.70]
X-Source-Auth: neoclassicism8961@e-alerts.linkedin.com
X-Email-Count: 1

andrew@muschamp.caSee who linked you as co-worker on LinkedInNow it's easy to connect 
with people you emailContinue

This is an  casual LinkedIn Marketing email to help you get the most out of LinkedIn. Unsubscribe
© 2013, LinkedIn Corporation. 2026 Stierlin Ct, Mountain View, CA 92083
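
The headers quoted above can be triaged mechanically. The following is an added example, not part of the original post: it parses a subset of those headers and reports the authentication results and the oddities in the Received lines. The function name `triage` and the choice of checks are assumptions made for this illustration.

```python
import re
from email import message_from_string

# Subset of the headers quoted above. The second Authentication-Results line is
# indented here so it parses as a folded continuation (an assumption about the
# original layout); headers whose values are blank on the page are left out.
RAW = (
    "Received: from [116.6.208.34]\n"
    "\tby www30.yourdnshost.com with esmtp (Exim 4.72)\n"
    "\tfor andrew@muschamp.ca; Wed, 06 Mar 2013 02:15:29 -0500\n"
    "Authentication-Results:   from=alerts.linkedin.com; domainkeys=neutral (no sig);\n"
    " from=alerts.linkedin.com; dkim=neutral (no sig)\n"
    "Received: from [100.224.225.211] (port=75640 helo=[192.168.2.09])\n"
    "\tby 116.6.208.34 with asmtp\n"
    "From: neoclassicism8961@e-alerts.linkedin.com\n"
    "Subject: Reminder about requests\n"
    "\n"
)

def triage(raw):
    """Return a list of findings for one message's raw headers."""
    msg = message_from_string(raw)
    findings = []
    # 1. Signature checks: any result other than "pass" means the claimed
    #    sender domain was never cryptographically verified.
    for value in msg.get_all("Authentication-Results", []):
        for method, result in re.findall(r"\b(dkim|domainkeys|spf)=(\w+)", value):
            if result.lower() != "pass":
                findings.append(f"{method}={result}")
    for hop in msg.get_all("Received", []):
        # 2. Weak signal: the peer is recorded only as a bracketed IP literal.
        m = re.match(r"from \[([0-9.]+)\]", hop)
        if m:
            findings.append(f"ip-only hop {m.group(1)}")
        # 3. TCP ports are 16-bit, so a larger value marks the line as
        #    fabricated or altered.
        for port in re.findall(r"\bport=(\d+)", hop):
            if int(port) > 65535:
                findings.append(f"impossible port {port}")
        # 4. Weak signal: a zero-padded octet in a logged address is unusual.
        for ip in re.findall(r"\[(\d+(?:\.\d+){3})\]", hop):
            if any(len(o) > 1 and o.startswith("0") for o in ip.split(".")):
                findings.append(f"zero-padded octet in {ip}")
    return findings

if __name__ == "__main__":
    for finding in triage(RAW):
        print(finding)
```

None of these findings proves forgery on its own, but an unsigned message claiming a linkedin.com sender, relayed through hosts known only by IP address, is a combination worth treating as hostile.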
