cancel
Showing results for 
Search instead for 
Did you mean: 

Accessing Special Offers only Available through Email Links

Baldrick1
Moderator
Moderator
Posts: 8,498
Thanks: 3,851
Fixes: 276
Registered: ‎30-06-2016

Accessing Special Offers only Available through Email Links

My wife had one this morning from a company she deals with regularly. Being trained never to click on links I looked into a solution. Closing the email and going to the site through a Google search showed the full price. Logging in to her account still showed full price. The email address showed the same https domain as in the link.

So I opened the link which showed the reduced price. This opened in another window. At this point I logged out of the 'Googled' account and clicked buy on the linked one, went to the pay page and found that it had picked up the account details correctly from the googled site log in.

Question: Would it have done this and worked if the link had been to be from a spoofed site?

To reiterate what I did.

1. Logged in to an account through a legitimate link.

2. Clicked on the email link, which opened in another window and put an item in the basket. I did not log in through this page.

3. Closed the known legitimate page where I had logged in to the account.

4. Went to the Pay Now page and found that the account name and address had been successfully added to the email linked order, suggesting to me that I had been connected to the same correct legitimate site.

Basically I'm interested whether this is a safe way of getting these email linked special offers from suppliers that you know and trust or whether cookies had just lulled me into a false sense of security.

 

 

Moderator and Customer
If this helped - select the Thumb
If it fixed it,  help others - select 'This Fixed My Problem'

1 REPLY 1
jab1
Aspiring Legend
Posts: 10,547
Thanks: 3,471
Fixes: 123
Registered: ‎24-02-2012

Re: Accessing Special Offers only Available through Email Links

@Baldrick1 I rarely, if ever, click through email 'offers', but if that is the only way to get them, I check the full header and determine the originating address -f it is the correct one, then I would be 99.9% sure it was legit.

John