Scam emails

Hi all, I have received an email saying in the subject: “Your monzo app is changing”
and there is a link to click but I feel it’s a scam. Has anyone received it as well?
the sender is hello@monzoemail.com
I am not sure if genuine or not. Help?

Was it just telling you about the new navigation?

That’s a monzo email address

1 Like

That’s a legit :mondo: email address.

2 Likes

That seems to be a legitimate email, but even so, there’s no need to click the link if you’re unsure. Just bin the email.

1 Like

Most apps will tell you if it has verified that it’s from the site it says it is.

And you can see here that monzoemail.com is owned by monzo.

lol, minzo.

2 Likes

I often think it odd that banks will advise against clicking links in emails, and send emails containing links :man_shrugging:

2 Likes

General rule of thumb that I have always gone by, never click links in emails always go directly to website

God it drives me up the wall.

Banks KNOW there’s a massive fraud vector in clicking email links. They, the security industry, government and law enforcement expend huge energy reinforcing the mantra you don’t click links in unsolicited emails.

Then the marketing department will send out an effing newsletter (from a sub–address like no-reply@secure.bank-mail.com&campaignid?=41227485%20B41154CK) and then everyone spends the next decade wondering why phishing fraud is on the rise.

monzomail.com may well be a genuine address, but even to a vigilant, fraud–aware person like me it looks like the kind of URL someone in Russia can buy. It shouldn’t be up to the customer to check up on something where even one wrong click can download of shiteware. And all it’s doing anyway is just socialising us all back to clicking emails again.

The call to action should be something like, “Open your Monzo app to experience our new look.”

Please please PLEASE Monzo, set a precedent and make it company policy you don’t do this.

4 Likes

The trouble with that is that the marketing department are often sending the emails through a 3rd party ESP, so SPF, DKIM, DMARC etc, need to be setup on the domain. And no security department is going to allow a 3rd party service add their details to a banks main domain.

1 Like

So there you go Monzo, there’s your next ‘reinvent banking for everyone’ challenge.

Make the world a little bit safer (and bolster your bottom line too).

Maybe the can use a subdomain like *@promo.monzo.com ? Would this affect mail reputations of *@monzo.com?