is email-elitedangerous.com legit or junk/scam mail?

Mikkel Toxwenius · Apr 28, 2016

This may be a dumb question, but I just receive what looks like a Frontier mail with the title "It's Competition Time!‏", but the mail sender address is email-elitedangerous.com, and the mail went into my junk mail (I regularly check my junk mail just in case something not junk was filtered there by accident).

So anyone know if email-elitedangerous.com is legit or fake/scam mail address? It does seem legit, but I am kinda paranoid about these things.

CMDR Cosmic Spacehead · Apr 28, 2016

I received that too. But it landed in my inbox.

In any case, I didn't read it. Lol
It's probably OK to open, but if it asks for log in details/passwords, credit cards, or your wife's phone number, or the soul of your first born son... delete it. Lol

SystematicChaos · Apr 28, 2016

Well the whois info is this:

Domain Name: EMAIL-ELITEDANGEROUS.COM
Registry Domain ID: 1991818679_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.1api.net
Registrar URL: http://www.1api.net
Updated Date: 2016-01-05T17:15:49Z
Creation Date: 2016-01-05T17:15:48Z
Registrar Registration Expiration Date: 2017-01-05T17:15:48Z
Registrar: 1API GmbH
Registrar IANA ID: 1387
Registrar Abuse Contact Email: email@1api.net
Registrar Abuse Contact Phone: +49.68416984x200
Domain Status: clientTransferProhibited - http://www.icann.org/epp#clientTransferProhibited
Registry Registrant ID:
Registrant Name: Paul Ingram
Registrant Organization: Frontier Developments Ltd
Registrant Street: 306 Science Park,
Registrant City: Milton Road,
Registrant State/Province: Cambridge,
Registrant Postal Code: CB4 0WG

and the IP address points to this company: https://www.dotmailer.com/

nslookup and whois are your friends.

Mikkel Toxwenius · Apr 29, 2016

SystematicChaos said:
Well the whois info is this:

Domain Name: EMAIL-ELITEDANGEROUS.COM
Registry Domain ID: 1991818679_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.1api.net
Registrar URL: http://www.1api.net
Updated Date: 2016-01-05T17:15:49Z
Creation Date: 2016-01-05T17:15:48Z
Registrar Registration Expiration Date: 2017-01-05T17:15:48Z
Registrar: 1API GmbH
Registrar IANA ID: 1387
Registrar Abuse Contact Email: email@1api.net
Registrar Abuse Contact Phone: +49.68416984x200
Domain Status: clientTransferProhibited - http://www.icann.org/epp#clientTransferProhibited
Registry Registrant ID:
Registrant Name: Paul Ingram
Registrant Organization: Frontier Developments Ltd
Registrant Street: 306 Science Park,
Registrant City: Milton Road,
Registrant State/Province: Cambridge,
Registrant Postal Code: CB4 0WG

and the IP address points to this company: https://www.dotmailer.com/

nslookup and whois are your friends.

erm.. hmmm? What does this tell me then? Is the mail coming from Frontier?

- - - - - Additional Content Posted / Auto Merge - - - - -

CMDR_Cosmicspacehead said:
I received that too. But it landed in my inbox.

In any case, I didn't read it. Lol
It's probably OK to open, but if it asks for log in details/passwords, credit cards, or your wife's phone number, or the soul of your first born son... delete it. Lol

Ok cool thanks!

SystematicChaos · Apr 29, 2016

"erm.. hmmm? What does this tell me then? Is the mail coming from Frontier?"

Well given that they are both legitimate companies and the registration info is public and registered by FD (would be concerned if it was hidden) and the registrant does exist: https://community.elitedangerous.com/node/262 and registrars do actually check company registrations and only the registrant can set DNS and the SPF record points to dotmailer as the only domain that can relay on behalf of email-elitedangerous.com then it's up to you.

MorphUK · Apr 29, 2016

seems legit

I'shar · May 9, 2016

The newsletter should not just say Commander, it should say the CMD's name or first/last name from the account so we know its legit, they have the database, it ain't hard to traverse it.

Also why does it access http://email-elitedangerous.com/3F35-82LM-35QD1A-30ML3-1/c.aspx instead of a proper <sub>.elitedangerous.com web prefix ? ive seen address recipients spoof their registration tags. How HARD is it for ED to do it from newsletter.elitedangerous.com or email.elitedangerous.com ? its look unprofessional and dodgy. that code '3F35-82LM-35QD1A-30ML3-1' could be the algorithm to confirm you received it so they can verify that email address exists and sell it on the black market email spam lists.

Also why has a member of Frontier not even bothered to respond ? this could be a serious issue.

Ive added to my SPAM folder, if they cant be to do it properly, shouldn't do it at all then, in this day amd age.

Dave.

Brett C · May 9, 2016

email-elitedangerous.com is a domain managed and operated by us here at Frontier. Thanks.

Athan · May 9, 2016

Brett C said:
email-elitedangerous.com is a domain managed and operated by us here at Frontier. Thanks.

The sysadmin me wonders why you didn't just delegate email.elitedangerous.com or similar. The developer in me wonders if it was to avoid any possible cookie bleedthrough from the main site

.

Kaybe · May 9, 2016

The golden rule with emails that you're not sure about is simple: If it asks you to login to your account and provides you with a link, DON'T CLICK THE LINK! Just surf to the site directly on your browser and login there.

Also, a legit email will never never ask you to reply with your login information. Ever.

englishkernigit · May 9, 2016

Had a recent email form someone claiming to be Frontier too about getting a 'special day' gift once a year. Someone made a post about it but still no idea if its for real. Frontier hasnt confirmed its for real and seen nothing posted on the forums, website or news letter.

https://forums.frontier.co.uk/showthread.php?t=246463

Ian Phillips · May 9, 2016

What email did you get it from?

Check Brett's post earlier in this thread.

englishkernigit · May 9, 2016

It was from (newsletters@email-elitedangerous.com) but to be honest I tend not to put my trust in emails unless i see the same thing advertised/confirmed on the website or an official news letter, Had a bad experiance once with an email claiming to be from another company and not taking any chances.Also in the link i posted another moderator didnt seem to know anything about it either.

anikaiful · May 9, 2016

Mikkel Toxwenius said:
erm.. hmmm? What does this tell me then? Is the mail coming from Frontier?

Registrant is FD, so yes.

Athan · May 9, 2016

anikaiful said:
Registrant is FD, so yes.

Of course that means nothing of people are only checking the 'From: ' header. It could have come from anyone else.

What people really want to be careful about is any links in such emails. If in doubt go to the relevant site manually and check for the existence of pertinent content. And remember to definitely want a HTTPS URL for that, and check that the certificate is valid.

But, yes, it would definitely help if FD had mentioned these emails in another trusted place.

VR andysonofbob · May 9, 2016

Usual rule of thumb:

If it displays your full name AND is relevant it is usually OK.

Frontier have sent out emails without including my name though which is a little poor form seeing as it is just an addition field or two

Lobey · May 11, 2016

Can I just belabour the point again - even if this is 100% gold plated from Frontier and hand delivered by David Braben himself - DONT use any embedded links - it only encourages very bad practice.
Frontier , please do not do this - tell folk to log into their account in the normal way if you must and have the information there - embedding links in mails opens up your customers to bad habits and leads to problems .... really , please stop it.

Brett C · May 12, 2016

Athan said:
The sysadmin me wonders why you didn't just delegate email.elitedangerous.com or similar. The developer in me wonders if it was to avoid any possible cookie bleedthrough from the main site .

That's something outside of my control. I'll ask about and see why we went with this domain over a subdomain.

Radamanthe · May 12, 2016

Brett C said:
email-elitedangerous.com is a domain managed and operated by us here at Frontier. Thanks.

Thank you for confirmation. However, IMHO this is a bad idea in the first place as it does not contribute to educate people to avoid phishing attacks. To a technician, elitedangerous.com is naturally a legit domain (as is email.elitedangerous.com). But email-elitedangerous.com is suspicious, and should be so for anyone.

rdslw · May 12, 2016

Radamanthe said:
Thank you for confirmation. However, IMHO this is a bad idea in the first place as it does not contribute to educate people to avoid phishing attacks. To a technician, elitedangerous.com is naturally a legit domain (as is email.elitedangerous.com). But email-elitedangerous.com is suspicious, and should be so for anyone.

This x8!