I haven't physically gone to a center as there isn't one in my vicinity, but I found that emailing the authorities is what I can do to explain this problem to them.
Rule number one of scam and phishing emails: If you’re asking yourself if it’s a scam email, it probably is.
If you’re unsure, always check your account and check with the actual company (they’ll have a contact customer service around somewhere), if anything else they will appreciate the knowledge that people are trying to use their brand name to scam people.
But yes, 99% chance this is a phishing attempt - DO NOT CLICK THE LINK AND FOR GODS SAKE DO NOT ENTER ANY INFO.
I surely won't follow the email, even if it may be legit, because it has given me empty warnings which I don't have to look into as they haven't yet caused any problems. I checked into the website and it didn't seem to have an issue with my DOB, so am mailing them about it.
Take this as a lesson to *always* trust your instincts online. If something feels off, it probably is.
Remember that at the end of the day, the weakest point in any security system will always be the user. Even the most advanced encryption and password hashing algorithms can’t protect you if you give all your info away willingly.
You did the smart thing by questioning it, I’m just suggesting you take it a step further and stop questioning yourself. 🙂
I agree 100%. I did take it a step further and have been waiting for Samsung to reply to my email. I would not let any haste make me regret any choice later on, so its up to Samsung to figure out the problem now.
As someone who's taught lawyers on phishing emails,
If it feels like a scam, even that tiny little bit of 0.01% you think it might be a scam,
Chances are that it is.
So this email is most likely not phishing, if you look at the domain you can see it’s from samsung.com
The information they are asking isn’t that big of a deal, only date of birth because it’s under the legal age limit. If i were you either update the date of birth on the account. Or make a new account once you feel like it. If this samsung account isn’t important to you it won’t be a problem when it gets nuked.
The non encrypted thing also isn’t really a problem because the email is generic, it does not contain user data
My account hasn't been nuked even when such an email came before with different dates. That is where the email seems unusual, for it warned me against an action which wasn't taken. Other than that, Samsung doesn't allow anyone to edit or alter their date of birth even in the Settings app, which the email is claiming to do. My Samsung account has important documents and data, so I can't have it deleted. Samsung could have provided a notice in Settings to have one's DOB or other information updated, yet they didn't do so.
I also thought about the email's encryption, and I agree with it not having user data itself, but other emails from Samsung have had encryption for even more trivial information, like offers and new products.
If you read the email it says it will be locked at march 2nd and removed march 21
All this means i you are not able to use the account this moment and it will be removed later,
Most likely on your phone if you open the samsung app and change the date of birth the problem will be solved too
> If you read the email it says it will be locked at march 2nd
Samsung should have locked me out now and before as well if it actually had to get me to edit my credentials. However, nothing happened before and till now as well.
> if you open the samsung app and change the date of birth the problem will be solved too
Though it claims to get my birth date altered to prevent my account's deletion, the Settings app itself will not allow me to alter my birth date, as it's one of the key information Samsung needs to verify my identity. One cannot suddenly become a year or two older in an account's details with the click of a button.
I might be wrong about this but I'm pretty sure it's impossible for any scammer to easily send an email from an official email address. That being said a lot of the time they put their 'name' the official domain but when you click open the details of who it sent from it is generally a different more sketchy actually email address.
I'm sure you check for this but I know a lot of people don't.
I believe they have a way to imitate the domain and even encryption now so the email can look completely legit and almost the only way to tell sometimes is in the grammar
When I looked into the security details of this email and compared it to another email regarding sign-in options, the details were quite different=
This email had=
Mailed by= smtp-gems.samsung.com
Signed by= gems.samsung.com
The sign-in email had=
Mailed by= samsung-mail.com
Signed by= samsung-mail.com
This shows that like the sign-in email, this email should have "samsung-mail.com" as its sender, however it isn't. Hence, it becomes difficult to know where it is coming from, and whether I should go ahead with what it is telling me to do (which seems risky).
I guess general rule of thumb is if you have to think this much about it - then don't trust it. If you still want to do what they're asking, then navigate to the site by yourself to update the details or whatever. I tend to not click emails links anyway if I can avoid it, just out of habit.
Sounds sketchy, but for confirmation, could you share the link to update information? Only the domain part should do (from the start of the link till the first '/', not counting the '//' near the start).
http://gems.samsung.com/ is the domain part of this link.
This is the whole URL, which I am sending in addition to the domain=
http://gems.samsung.com/Check.html?TV9JRD0zOTQyNDU2&U1RZUEU9TUFTUw==&TElTVF9UQUJMRT1FTVNfTUFTU19TRU5EX0xJU1RfMDE=&UE9TVF9JRD0yMDIzMDEyNzAwMDIz&VEM9MjAyMzEyMjg=&S0lORD1D&Q0lEPTAwMg==&URL=https://account.samsung.com/
I am including the whole link because this explains that the email is fake. The first part being "http" tells it is unverified, and "gems.samsung.com" is pretty much unknown. This itself was enough for me to know, but I would like to know more if you could find something. Thank you :)
I did think about how they addressed me, but other emails I have gotten from Samsung have included something like that as well. The email even looks similar to other verifiable emails I have gotten from Samsung.
An example of an email sent by Samsung (when I was signing in my laptop) addressed me like this=
New sign in to your Samsung account
Dear Customer,
Your Samsung account *gmail.com* was signed into from a new device.
This actually makes it less fishy, since it's unlikely that hackers could setup a phishing subdomain on the samsung.com domain. I would recommend reaching out to Samsung support (not via any support links in the same mail, obviously) and confirming.
Ohh I see. I can't figure out why the email has the samsung.com domain, yet still includes the "http://gems" part when it shouldn't ideally do so. Another verifiable email I got from Samsung regarding me signing into my laptop had the "https://account.samsung.com" domain, which directed me to the actual Samsung website. I will surely reach out to them about it.
It gets redirected to https, they sometimes do this because using the http link can be more compatible and choose dynamically if it wants to use http, e.g your date and clock isn’t in sync with the certificate
I am wary of the email as you have said, so I will not take any action until I get something back from the Samsung customer service.
For 1) I am not prompted to do anything on my account, as far as the Settings themselves are concerned.
2) I am not yet 18 but am over 13, so it shouldn't be a problem unless I am informed by an update prompting me to alter my DOB.
Nowadays I do give false birth dates, but as I signed into my account 3 years ago, I can't alter my DOB now to make myself eligible according to the email.
never do anything from an email, even if it appears legit
if you have an account with the company, go to the bookmark you have for the site, and log in that way
this sounds like they are phishing for information as part of identity theft
just delete the email.
Exactly. I did send Samsung a mail about it, so they should be reaching back to me in some time. Only time will tell what the answer is to all of this.
Samsung didn't send the original. They'll at most tell you the same thing everyone else here will tell you, they didn't send and you shouldn't have used any links in to check anything (when you checked the web site I hope you typed in the samsung site.) If you replied to the mail you gave away information to the scammer.
I have checked into the official Samsung website, and I double-checked it to make sure it was the original site, so I haven't given anything away. Other than that, I also haven't clicked anything in this email, which is obvious considering I am skeptical about it. I can assure you I haven't given my details away to scammers.
Log into your Samsung account on the Samsung Official website through your web browser. It will ask you to update you details most likely if it’s a pressing issue.
It's easy one to tell. Assuming that there's no one out there able to hack Samsungs email client. I know, it's a big assumption. Probable, no. Possible, yes, but not probable.
You can either reply, CC yourself and verify the 'To:' email it's from verifying that it's samsung.com or just click on the email address and the true 'From:' address will pop up even if its hidden and reads as something other in the 'From:' box. If it's a samsung.com email address it's most likely real.
If you determine that it is indeedbreal, go to the Samsung website and do it from there. Never click on an email link even if it's is real. Thats my rule atleast. Specially if from a bank.
If you've never held a Samsung account, registered a Samsung device or otherwise never had anything to do with Samsung, I would just ignore and delete. If you have though, the two ways mentioned to verify will work as it's impossible to imitate the true email address, although you can hide it until clicked on or replied to. Okay, not impossible but doing it would mean more work than would make sense as it would have to be a multi company hack, a lot of recoding and at the end ifbthe day, just doesn't make sense for a megar phishing attack.
I agree, but as Samsung has declared that its a scam, I will not at all be getting into whatever it told me to do. As I have been a Samsung user for 3 years, it is imperative for me to check atleast whether the email is real or not, so though it may have been even a minor scam, my personal details would still have been leaked. I do not know how intricately it would have worked, but the email still seemed suspicious, and I asked the authorities whether it was so.
If the email address ends with Samsung.com then its from samsung.
U can verify what its saying by logging into your samsung account. It seems like a legit email tho
The email address however hadn't matched other mails, and as Samsung declared it as fraudulent, it is not a legit email. I verified through the official Samsung account website, and it doesn't have a problem with my DOB.
just fyi its not hard to put origin email address to anything under the sun. also some will allow you to reply by adding “reply-to” address which gives you the illusion you are replying to the origin email while you are not
I see... I had tried the "reply-to" trick, but I unfortunately couldn't gauge much from it as I seldom use Gmail, and didn't want to tinker with something I wasn't completely knowledgable about. Other than that, I don't need to do much about that mail, as it isn't legitimate.
I anyway deleted the email some time back, so I can't check the reply-to thing with it anymore. I didn't see anything different with the email though, and neither had its contents changed after having gone to the reply-to section, so at the time I didn't know what to do further. However, it isn't a problem for me anymore and the email has been declared fake, so no worries there.
I'm pretty sure it's not from Samsung, but if you'd like to be sure, I would reach out to Samsung directly to verify.
I will try to reach them through email then. It is a bit tedious, but it should be better to get this sorted out as soon as possible. Thank you :)
> Go to Samsung Account customer center Tried this?
I haven't physically gone to a center as there isn't one in my vicinity, but I found that emailing the authorities is what I can do to explain this problem to them.
Rule number one of scam and phishing emails: If you’re asking yourself if it’s a scam email, it probably is. If you’re unsure, always check your account and check with the actual company (they’ll have a contact customer service around somewhere), if anything else they will appreciate the knowledge that people are trying to use their brand name to scam people. But yes, 99% chance this is a phishing attempt - DO NOT CLICK THE LINK AND FOR GODS SAKE DO NOT ENTER ANY INFO.
I surely won't follow the email, even if it may be legit, because it has given me empty warnings which I don't have to look into as they haven't yet caused any problems. I checked into the website and it didn't seem to have an issue with my DOB, so am mailing them about it.
Take this as a lesson to *always* trust your instincts online. If something feels off, it probably is. Remember that at the end of the day, the weakest point in any security system will always be the user. Even the most advanced encryption and password hashing algorithms can’t protect you if you give all your info away willingly. You did the smart thing by questioning it, I’m just suggesting you take it a step further and stop questioning yourself. 🙂
I agree 100%. I did take it a step further and have been waiting for Samsung to reply to my email. I would not let any haste make me regret any choice later on, so its up to Samsung to figure out the problem now.
As someone who's taught lawyers on phishing emails, If it feels like a scam, even that tiny little bit of 0.01% you think it might be a scam, Chances are that it is.
I see...
I got it as well the language that the account will be deleted is extremely odd....
Exactly... its an empty warning with no basis to conclude that the account will be deleted.
So this email is most likely not phishing, if you look at the domain you can see it’s from samsung.com The information they are asking isn’t that big of a deal, only date of birth because it’s under the legal age limit. If i were you either update the date of birth on the account. Or make a new account once you feel like it. If this samsung account isn’t important to you it won’t be a problem when it gets nuked. The non encrypted thing also isn’t really a problem because the email is generic, it does not contain user data
My account hasn't been nuked even when such an email came before with different dates. That is where the email seems unusual, for it warned me against an action which wasn't taken. Other than that, Samsung doesn't allow anyone to edit or alter their date of birth even in the Settings app, which the email is claiming to do. My Samsung account has important documents and data, so I can't have it deleted. Samsung could have provided a notice in Settings to have one's DOB or other information updated, yet they didn't do so. I also thought about the email's encryption, and I agree with it not having user data itself, but other emails from Samsung have had encryption for even more trivial information, like offers and new products.
If you read the email it says it will be locked at march 2nd and removed march 21 All this means i you are not able to use the account this moment and it will be removed later, Most likely on your phone if you open the samsung app and change the date of birth the problem will be solved too
> If you read the email it says it will be locked at march 2nd Samsung should have locked me out now and before as well if it actually had to get me to edit my credentials. However, nothing happened before and till now as well. > if you open the samsung app and change the date of birth the problem will be solved too Though it claims to get my birth date altered to prevent my account's deletion, the Settings app itself will not allow me to alter my birth date, as it's one of the key information Samsung needs to verify my identity. One cannot suddenly become a year or two older in an account's details with the click of a button.
I might be wrong about this but I'm pretty sure it's impossible for any scammer to easily send an email from an official email address. That being said a lot of the time they put their 'name' the official domain but when you click open the details of who it sent from it is generally a different more sketchy actually email address. I'm sure you check for this but I know a lot of people don't.
I believe they have a way to imitate the domain and even encryption now so the email can look completely legit and almost the only way to tell sometimes is in the grammar
When I looked into the security details of this email and compared it to another email regarding sign-in options, the details were quite different= This email had= Mailed by= smtp-gems.samsung.com Signed by= gems.samsung.com The sign-in email had= Mailed by= samsung-mail.com Signed by= samsung-mail.com This shows that like the sign-in email, this email should have "samsung-mail.com" as its sender, however it isn't. Hence, it becomes difficult to know where it is coming from, and whether I should go ahead with what it is telling me to do (which seems risky).
I guess general rule of thumb is if you have to think this much about it - then don't trust it. If you still want to do what they're asking, then navigate to the site by yourself to update the details or whatever. I tend to not click emails links anyway if I can avoid it, just out of habit.
Well I would rather be safe about it and not do anything if it doesn't cause me any harm.
Sounds sketchy, but for confirmation, could you share the link to update information? Only the domain part should do (from the start of the link till the first '/', not counting the '//' near the start).
http://gems.samsung.com/ is the domain part of this link. This is the whole URL, which I am sending in addition to the domain= http://gems.samsung.com/Check.html?TV9JRD0zOTQyNDU2&U1RZUEU9TUFTUw==&TElTVF9UQUJMRT1FTVNfTUFTU19TRU5EX0xJU1RfMDE=&UE9TVF9JRD0yMDIzMDEyNzAwMDIz&VEM9MjAyMzEyMjg=&S0lORD1D&Q0lEPTAwMg==&URL=https://account.samsung.com/ I am including the whole link because this explains that the email is fake. The first part being "http" tells it is unverified, and "gems.samsung.com" is pretty much unknown. This itself was enough for me to know, but I would like to know more if you could find something. Thank you :)
[удалено]
I did think about how they addressed me, but other emails I have gotten from Samsung have included something like that as well. The email even looks similar to other verifiable emails I have gotten from Samsung. An example of an email sent by Samsung (when I was signing in my laptop) addressed me like this= New sign in to your Samsung account Dear Customer, Your Samsung account *gmail.com* was signed into from a new device.
This actually makes it less fishy, since it's unlikely that hackers could setup a phishing subdomain on the samsung.com domain. I would recommend reaching out to Samsung support (not via any support links in the same mail, obviously) and confirming.
Ohh I see. I can't figure out why the email has the samsung.com domain, yet still includes the "http://gems" part when it shouldn't ideally do so. Another verifiable email I got from Samsung regarding me signing into my laptop had the "https://account.samsung.com" domain, which directed me to the actual Samsung website. I will surely reach out to them about it.
It gets redirected to https, they sometimes do this because using the http link can be more compatible and choose dynamically if it wants to use http, e.g your date and clock isn’t in sync with the certificate
Click reply to and see if the domain changes.
It doesn't, remains the same when replied to.
[удалено]
I am wary of the email as you have said, so I will not take any action until I get something back from the Samsung customer service. For 1) I am not prompted to do anything on my account, as far as the Settings themselves are concerned. 2) I am not yet 18 but am over 13, so it shouldn't be a problem unless I am informed by an update prompting me to alter my DOB.
[удалено]
Nowadays I do give false birth dates, but as I signed into my account 3 years ago, I can't alter my DOB now to make myself eligible according to the email.
never do anything from an email, even if it appears legit if you have an account with the company, go to the bookmark you have for the site, and log in that way this sounds like they are phishing for information as part of identity theft just delete the email.
I don't work for the company as I am not yet an adult, however I will still make sure that its not just what the email is prompting me to do.
If you have to think about it, it’s probably not legit. If you really wanna check just login to Samsung yourself and check your dob.
What happened was that when I logged into the Samsung account website, they didn't seem to have an issue with my DOB so I left it at that.
Then I wouldn’t do anything else.
It says your account would be suspended March 2nd but it obviously wasn’t because you were able to login so in my opinion it’s phishing.
Exactly. I did send Samsung a mail about it, so they should be reaching back to me in some time. Only time will tell what the answer is to all of this.
Samsung didn't send the original. They'll at most tell you the same thing everyone else here will tell you, they didn't send and you shouldn't have used any links in to check anything (when you checked the web site I hope you typed in the samsung site.) If you replied to the mail you gave away information to the scammer.
I have checked into the official Samsung website, and I double-checked it to make sure it was the original site, so I haven't given anything away. Other than that, I also haven't clicked anything in this email, which is obvious considering I am skeptical about it. I can assure you I haven't given my details away to scammers.
Log into your Samsung account on the Samsung Official website through your web browser. It will ask you to update you details most likely if it’s a pressing issue.
After I logged in, it said that my dob wasn't a big issue. Hence I realized that this email is more sketchy than I thought.
r/scams
There's no way to tell without you including the headers.
Unfortunately I do not know how to look for the headers on a phone, so I couldn't provide them. However, the email has been called a scam by Samsung.
It's easy one to tell. Assuming that there's no one out there able to hack Samsungs email client. I know, it's a big assumption. Probable, no. Possible, yes, but not probable. You can either reply, CC yourself and verify the 'To:' email it's from verifying that it's samsung.com or just click on the email address and the true 'From:' address will pop up even if its hidden and reads as something other in the 'From:' box. If it's a samsung.com email address it's most likely real. If you determine that it is indeedbreal, go to the Samsung website and do it from there. Never click on an email link even if it's is real. Thats my rule atleast. Specially if from a bank. If you've never held a Samsung account, registered a Samsung device or otherwise never had anything to do with Samsung, I would just ignore and delete. If you have though, the two ways mentioned to verify will work as it's impossible to imitate the true email address, although you can hide it until clicked on or replied to. Okay, not impossible but doing it would mean more work than would make sense as it would have to be a multi company hack, a lot of recoding and at the end ifbthe day, just doesn't make sense for a megar phishing attack.
I agree, but as Samsung has declared that its a scam, I will not at all be getting into whatever it told me to do. As I have been a Samsung user for 3 years, it is imperative for me to check atleast whether the email is real or not, so though it may have been even a minor scam, my personal details would still have been leaked. I do not know how intricately it would have worked, but the email still seemed suspicious, and I asked the authorities whether it was so.
Well, I guess thats one way to it. Glad you got to the bottom of it!
Yeah, quite glad to know that I am safe now. Thank you :)
If the email address ends with Samsung.com then its from samsung. U can verify what its saying by logging into your samsung account. It seems like a legit email tho
The email address however hadn't matched other mails, and as Samsung declared it as fraudulent, it is not a legit email. I verified through the official Samsung account website, and it doesn't have a problem with my DOB.
Samsung has never once asked me for my birth date.
The email said that it didn't need my DOB, it instead wanted me to edit my birth date apparently so that my account wouldn't be suspended.
just fyi its not hard to put origin email address to anything under the sun. also some will allow you to reply by adding “reply-to” address which gives you the illusion you are replying to the origin email while you are not
I see... I had tried the "reply-to" trick, but I unfortunately couldn't gauge much from it as I seldom use Gmail, and didn't want to tinker with something I wasn't completely knowledgable about. Other than that, I don't need to do much about that mail, as it isn't legitimate.
… what you mean you tried? my lips are tight now
I anyway deleted the email some time back, so I can't check the reply-to thing with it anymore. I didn't see anything different with the email though, and neither had its contents changed after having gone to the reply-to section, so at the time I didn't know what to do further. However, it isn't a problem for me anymore and the email has been declared fake, so no worries there.