I just received an email with the following opening line:
"Good news! You have $5,759.31 in your StartHere account and we'd love to pay this out to you!"
The dodgy as hell - what's the point? I know it's obvious baloney but I guess I did log in to see what was going on with my account - no surprise I'm at $0.
I can't see this entices me to use your services, just incentive to unsubscribe and delete my account
Looks legit….
Return-Path: <[email protected]>
Received: from web1.starthere.com.au (web1.starthere.com.au. [202.174.103.67])
by mx.google.com with ESMTP id v10si9518223pav.97.2013.05.17.16.03.47
for <xxx>;
Fri, 17 May 2013 16:03:48 -0700 (PDT)
dunno - sending me an email begging for my bank details with fantastic claims of monetary rewards sound more like malice than a software "bug" (or stupidity for that matter)
That sounds like phishing. Maybe their systems got hacked.
well if it is legit then report it to the accc
I got this same thing just now. Tbh I never really used them and after this email will probably delete my acccount with them
I got the same email saying I had $518.76 despite having not used the service in months. Sure enough, after logging in my balance was $0.00
Could one of you who understands how look at the HTML source code of the email to see where the links lead to? Don't click on the link! If it's phishing it'll lead to a different site. I find it suspicious that a web server is sending out email because web site vulnerabilities are legion.
This should be reported to starthere, it could be serious.
No, I checked that, the email is legit. HTML source shows the link pointing to: https://www.starthere.com.au/account/account
Email headers show it (legitimately) came from StartHere's email server:
Delivered-To: [email protected]
Received: by 10.229.111.72 with SMTP id r8csp146223qcp;
Fri, 17 May 2013 15:58:14 -0700 (PDT)
X-Received: by 10.66.216.198 with SMTP id os6mr50167199pac.145.1368831494105;
Fri, 17 May 2013 15:58:14 -0700 (PDT)
Return-Path: <[email protected]>
Received: from web1.starthere.com.au (web1.starthere.com.au. [202.174.103.67])
by mx.google.com with ESMTP id tw9si9518201pac.42.2013.05.17.15.58.13
for <[email protected]>;
Fri, 17 May 2013 15:58:14 -0700 (PDT)
Received-SPF: pass (google.com: domain of [email protected] designates 202.174.103.67 as permitted sender) client-ip=202.174.103.67;
Authentication-Results: mx.google.com;
spf=pass (google.com: domain of [email protected] designates 202.174.103.67 as permitted sender) [email protected]
Received: from starthere.com.au (localhost.localnet [127.0.0.1])
by web1.starthere.com.au (Postfix) with ESMTP id 254DE3C047A
for <[email protected]>; Fri, 17 May 2013 22:58:12 +0000 (UTC)
Message-ID: <[email protected]>
Date: Fri, 17 May 2013 17:58:12 -0500
Subject: Alan, we've got $518.76 with your name on it!
From: "Starthere.com.au" <[email protected]>
To: [email protected]
MIME-Version: 1.0
Content-Type: text/html; charset=utf-8
Content-Transfer-Encoding: quoted-printable
It could still be a break in by a hacker who just wanted to prank starthere. That's not benign because some unauthorised person got hold of the email addresses.
I got the same email for $589.89
Edit decided to remove my bank details
Same email ~$4,000
Hi all,
We are really sorry for the confusion. This was due to a technical error (read - stupidity, ref - greenpossum) and it has since been fixed.
Apologies to all that received the email either for suspecting phishing or being delighted only to be almost instantly disappointed.
Thanks, Steve.
Fixed as in "will never happen again?" When I saw this email and checked out that it looked almost legit I was kind of glad I hadn't gotten around to referring friends.
I find starthere have been very good at making payments, although obviously a blunder here.
are you sure it isn't phishing spam? have you viewed the message headers?