I’m confused if this is fake or not? Especially since I haven’t contacted support recently last time must have been last year.
If in doubt, delete it.
But they have been asking people for their views lately and as you use support a lot, that’s probably why they’ve asked you.
If they choose to email customers like this, they need to do what other banks do and identify themselves
Barclays ask you to set a secure word that they display every time you log in; and include the last 4 digits of your account number on some emails. Barclaycard include parts of your card number too
I’ve seen other banks do similar things as well and I think it’s great
Why Monzo don’t do it when they seem like one of the biggest targets for fraudsters is beyond me. There’s literally nothing in that email to say it’s genuine. Not even a Hello “first name” which would be super easy to do
The sender email seems fishy too if it’s real it’s literally hello @monzoemail.com shouldn’t it just be @monzo ?
The email is incorrect. The email domain is monzoemail.com - there is an extra ‘s’ in there which gives it away.
Plus, the recent marketing request by Monzo offered £25, not £20 as in that suspect email.
The strange part is the link is to survey monkey and it’s just tick boxes as the questions then a option for best time for them to ring you however it doesn’t actually ask for any contact information or personal details so I’m puzzled
The danger is that IF your email address AND your phone number is known to a third party AND you reply to this, it confirms to them that you have a Monzo account. So if they can’t break into your email account easily (password guessing required) to then gain access to your Monzo account, you don’t need a crystal ball to predict the scammer will call you at a future inconvenient time informing your account is under attack and to move the funds to another Monzo/non-Monzo account fast…
How does someone get both your email address and phone number? Unsure, but it has happened in the past to people. Be very careful. Does your email have 2FA applied to it? It should do if access to your banking app, therefore account & your money, is via the email account.
Are you sure? that domain is not set up for sending or receiving email. (edit: it isn’t even registered)
There is also a Linkedin profile matching the name and job title in the email (although it’s of course trivial to set up a fake Linkedin profile, and it’s equally trivial for a fraudster to search Linkedin for names of actual Monzo employees, so that in itself is not proof of being genuine.)
I think the email is genuine. But as @ndrw says it’s extremely poor form of Monzo to email customers like this.
Mobile mail clients really need better header checking tools, because some of these emails are getting really clever at appearing authentic, and becoming harder to verify on phones. They’re getting so sophisticated that an occasional email flows through my inbox that is convincing enough to almost fool me. My only safeguard is that I naturally distrust emails.
Hey! This does look to be genuine email from us - but I’m not in the team who would send these sorts of emails out so can’t say for certain.
If in any doubt, no need to fill in any form and you can delete it or forward it to firstname.lastname@example.org
I am wondering if you can pass this on internally: This is extremely poor of Monzo. By sending emails like this you are effectively conditioning Monzo customers to fall for phishing emails. @ndrw has posted a number of very simple things that you could do better here, although of course the best thing you could do is not to send emails like this at all - use your chat instead.
Can’t verify that the domain actually belongs to Monzo either because they’re hiding behind a whois privacy proxy.
sorry, I had a typo in there. fixed now, and if you now click the link in that post it will work
No problem - I’m not sure the best team to look into this but I can definitely pass it on
Whoops! Should have noticed that!
I just had one of these emails too.
monzoemail.com belongs to Monzo, so it is a genuine email.
I agree that these emails should be personalised, to stop any concerns.
They don’t seem to have learned from the other times they’ve done this.
If they can add to feeds to advertise things, they can add to the feed for things like this.
Send the same email but then tell the person to go to the app and it will be in the feed. No clicking anything in the email at all. They should actively discourage it.