Why do banks send emails with links to surveys?

Forums › Off topic › Why do banks send emails with links to surveys?

mattwnz

20515 posts

Uber Geek
+1 received by user: 4795

#319523 2-May-2025 15:42

Just had an email from my bank (at least it looks like it is like from my bank), that asks how the bank is doing and to click a button to start the survey. Yet in that same email below the button it says that scams are becoming more sophisticated and that anyone can fall victim. So this sort of email could also be sent from scammer as a phishing type email and the link could redirect anywhere. I just don't click on any link in an unsolicited email. So I do wonder why banks are sending these sorts of emails. Do others think banks should stop sending these sorts of emails?

1 | 2

11099 posts

Uber Geek
+1 received by user: 6082

Trusted

Lifetime subscriber

#3370023 2-May-2025 15:47

Which bank? I've never seen anything like that from Westpac.

Edit: It turns out that I have, and I'd just forgotten. See top of page 2.

mattwnz

20515 posts

Uber Geek
+1 received by user: 4795

#3370024 2-May-2025 15:48

Behodar:

Which bank? I've never seen anything like that from Westpac.

Kiwibank

tweake

2641 posts

Uber Geek
+1 received by user: 1137

#3370025 2-May-2025 15:50

yes, its been a problem for a long time. they send out emails with links "please check ..." links and wonder why people get scammed. banks don't care, they more interested in making it easy for the customer.

wellygary

8810 posts

Uber Geek
+1 received by user: 5287

#3370027 2-May-2025 15:54

Because the "Marketing" department think that because they are not the "banking" department, they don't need to follow the same rules....

alasta

6889 posts

Uber Geek
+1 received by user: 3363

Trusted

Subscriber

#3370034 2-May-2025 16:06

It's like our IT department at work. They play silly games by sending out mock scam emails to test our ability to spot them and react correctly. Meanwhile their attempts to 'educate' us are being undermined by our own systems sending out legitimate emails that look like scams. 🙄

Behodar

11099 posts

Uber Geek
+1 received by user: 6082

Trusted

Lifetime subscriber

#3370037 2-May-2025 16:21

Our IT dept tells us to always check where links are pointing to, and meanwhile rewrites all incoming links to something like urldefence.com/dglkndffgjndfgdfgfd/sdgfjndfgdf

Quic Broadband

Move to New Zealand's best fibre broadband service (affiliate link). Free setup code: R587125ERQ6VE. Note that to use Quic Broadband you must be comfortable with configuring your own router.

mattwnz

20515 posts

Uber Geek
+1 received by user: 4795

#3370038 2-May-2025 16:22

It does make me wonder if it is a bit of a test to find customers who actually click on links in emails. Then tag them as a customer that clicks on links in unsolicited emails. LOL

davidcole

6099 posts

Uber Geek
+1 received by user: 1465

Trusted

#3370063 2-May-2025 19:26

alasta:

It's like our IT department at work. They play silly games by sending out mock scam emails to test our ability to spot them and react correctly. Meanwhile their attempts to 'educate' us are being undermined by our own systems sending out legitimate emails that look like scams. 🙄

and then i bet they whine when you just delete it out of hand and dont report it as spam.

I've taken to reporting legit emails as phishing attempt, because they contain links like a scammer would add.

Previously known as psycik

Home Assistant: Gigabyte AMD A8 Brix, Home Assistant with Aeotech ZWave Controller, Raspberry PI, Wemos D1 Mini, Zwave, Shelly Humidity and Temperature sensors
Media:Chromecast v2, ATV4 4k, ATV4, HDHomeRun Dual
Server Host Plex Server 3x3TB, 4x4TB using MergerFS, Samsung 850 evo 512 GB SSD, Proxmox Server with 1xW10, 2xUbuntu 22.04 LTS, Backblaze Backups, usenetprime.com fastmail.com Sharesies Trakt.TV Sharesight

richms

29099 posts

Uber Geek
+1 received by user: 10211

Trusted

Lifetime subscriber

#3370065 2-May-2025 19:45

mattwnz:

Behodar:

Which bank? I've never seen anything like that from Westpac.

Kiwibank

Not known for being a very smart bank so 🤷

Richard rich.ms

alasta

6889 posts

Uber Geek
+1 received by user: 3363

Trusted

Subscriber

#3370169 3-May-2025 11:39

davidcole:

I've taken to reporting legit emails as phishing attempt, because they contain links like a scammer would add.

I used to do that too but then starting getting conflicting advice as to whether I was doing the right thing depending on who in the IT department I talk to.

I've given up reporting anything and I just delete all pointless emails, including the IT department's own social experiment phishing emails.

richms

29099 posts

Uber Geek
+1 received by user: 10211

Trusted

Lifetime subscriber

#3370186 3-May-2025 11:48

alasta:

I used to do that too but then starting getting conflicting advice as to whether I was doing the right thing depending on who in the IT department I talk to.

I've given up reporting anything and I just delete all pointless emails, including the IT department's own social experiment phishing emails.

If you are on gmail or something then I would report phishing on them so hopefully it gives them email deliverabilty issues and they reevaluate this braindead idea.

Richard rich.ms

Geekzone support

Support Geekzone with one-off or recurring donations Donate via PressPatron.

SirHumphreyAppleby

2939 posts

Uber Geek
+1 received by user: 1860

#3370188 3-May-2025 12:13

DKIM needs to be brought into the client-space by default (with no plugins) so people can actually see who signs e-mails and make decisions based on that. Spam filters need to start filtering based on bad DKIM selectors, not IP reputation, PTRs or the domain from which they originate, unless there is an established pattern of behaviour which brings the IP/domain as a whole into question. As it is, too many legitimate e-mails get deleted or marked as spam and reporting legitimate e-mail just makes the situation worse.

KiwiSurfer

1722 posts

Uber Geek
+1 received by user: 993

ID Verified

Lifetime subscriber

#3370305 4-May-2025 00:12

For whats its worth Kiwibank does send their surveys from their main @kiwibank.co.nz domain and DKIM, DMARC, SPF, all passes.

    dkim=pass (1024-bit rsa key sha256) header.d=kiwibank.co.nz 
      header.i=@kiwibank.co.nz header.b=GQ+X7rEc header.a=rsa-sha256 
      header.s=qualtrics; 
    dmarc=pass policy.published-domain-policy=reject 
      policy.applied-disposition=none policy.evaluated-disposition=none 
      (p=reject,d=none,d.eval=none) policy.policy-from=p 
      header.from=kiwibank.co.nz; 
    iprev=pass smtp.remote-ip=98.97.249.37 
      (smtp-249-37.syd1.qemailserver.com); 
    spf=pass smtp.mailfrom=noreply@kiwibank.co.nz 
      smtp.helo=smtp-249-37.syd1.qemailserver.com

I have no concerns responding to these given the above more or less proves it was Kiwibank that sent the email.

Kiwibank also includes a sentence explaning why they sent the survey which also adds another line of defense. If I got an email out of the blue despite no recent contact that would raise red flags. But every single one I can find in my archives is releated to an actual interaction I had with Kiwibank -- usually sent out a few days afterwards.

Other companies that do similar surveys often sends it from their survey provider's domain or some other made up domain. Qantas for example sends theirs from howwasqantas.com. ibis hotels sends theirs from trustyou.com. Auckland Transport from qemailserver.com. Southern Cross sends theirs from au.customergauge.com.

Not Kiwibank -- they ensure the surveys are sent from their own domain. Looking at others I can see Air NZ does the same. Even some small businesses I deal with get this right.

And it's not a marketing thing -- at least for Kiwibank they go to the relevant people if you give bad feedback. I had a really awful experience which was very quickly sorted out by the relevant manager the very next day after contacting me about a feedback I left via their survey. So I'd probably give further feedback to Kiwibank as I know they do action on what they get via the surveys. At least they're not like Air NZ and other corps who seems to send all their survey feedback to /dev/null.

Can understand the concern but I think in Kiwibank's case they've tried to do the right thing and it's a genuine tool for following up with issues.

KiwiSurfer

1722 posts

Uber Geek
+1 received by user: 993

ID Verified

Lifetime subscriber

#3370306 4-May-2025 00:16

Behodar:

Our IT dept tells us to always check where links are pointing to, and meanwhile rewrites all incoming links to something like urldefence.com/dglkndffgjndfgdfgfd/sdgfjndfgdf

Agree, at my $DAY_JOB we use O365 which rewrites all URLs to something.safelinks.outlook.com/something/encodedURL which makes it a pain copying URLs from within O365 apps as it will paste as a massively long URL instead of the proper URL itself. Drives me mad.

Handle9

11925 posts

Uber Geek
+1 received by user: 9675

Trusted

Lifetime subscriber

#3370307 4-May-2025 01:00

Maybe the banks would like to know what their customers think. Just putting it out there.

1 | 2