Phishing email campaign re OP-Z?


Woah did anyone else get his email? I preordered one off sweetwater and I got this. When you click one it goes to a page saying “thank you” and that’s it. I’m very confused. Is it just if you’re subscribed to the newsletter? Does thank you mean they’re sending one to me via sweetwater??? SO MANY QUESTIONS (Sorry I’m excited)

The email was sent by teenage engineering (robot@teenage.engineering) and the link leads to a page on their site (https://teenage.engineering/thank_you). Also, the original link from the email itself was a redirect from Drip Email which (I’m guessing) is a way of logging who clicked.

Sort of sounds like they want to see which country has the highest demand and send out their limited amount of batches to those areas first.

2 Likes

FYI I received one of these weird emails yesterday. A (very) cursory analysis of the email suggests it’s legit (the SPF and DKIM checks are passed) so it looks like an every day mass email (see my reply post), but I also had the experience that when I clicked on the link, I was redirected via the third party web site to a “thank you” page, without the opportunity to input any other data.

I’ve blindly emailed support@teenage.engineering with a quick note asking if it’s legit :slight_smile: cuz if it is legit, it’s very confusing, and seems very suspicious.

2 Likes

I am registered for the newsletter with 2 separate email addresses but only received 1 email which is odd.
I was hoping TE were feeling generous and wanted to reward us with a free OP-Z! Yeah right😂

I retract this. Here’s why:

off topic email analysis in here

DMARC fails, and I think that’s because while SPF and DKIM pass, SPF passes using a google IP address (which just means the sender uses google too) and DKIM passes for a different domain to the sender (dripemail2 . com) - DMARC wants the “identifiers” to “align” (so the DKIM should match the visible “From” address) and obviously it doesn’t.

Email is hard.

More info here: https://dmarcian.com/how-can-spfdkim-pass-and-yet-dmarc-fail/

You can get the SPF, DKIM and DMARC headers/check results from your google mail web client, if you use google mail, by looking at the “original message”.

TLDR: treat that email as suspicious until we hear from teenage engineering!

2 Likes

Yeah same. If it is a phish, I would be very curious to discover where they got my email address from. AFAIK it’s hidden in this forum.

This is one part that particularly concerns me! It’s an extremely targeted phish.

(and did you check your Spam folder?)

I got an email and thought it was for those who registered interest in the op-z. Didn’t they have an enter your email here for product update on the op-z page few months before release? It would be a seperate mail out to the newsletter addresses

Absolutely true. To be fair, there are several factors in this particular phish that made it initially slip past my usually quite effective internal filters D: :musical_note:

(Apart from anything, I wasn’t expecting to be targeted. But nobody expects the Spanish etc etc)

The other 2 e-mail addresses are not linked to my account here either so the plot thickens!

1 Like

My emails are nowhere near FB or Google but in this day and age nothing surprises me regarding personal data. Privacy is an illusion just like air safety and state security.

More to the point though I could do with being cheered up with a TE freebie!
No chance I know but it’s a nice thought :neutral_face:

I understand what you are getting at, but for what it’s worth, I don’t think that they were trolling. A lot of meaning and tone can be lost in these dumb text boxes we’re forced to use.

<3

7 posts were merged into an existing topic: Teenage Engineering OP-Z