Garmin ??? message ???

 

Has anyone received an email purporting to be about
"updated the privacy policies" recently???

The email it is sent from is "reply@email1.garmin.com
That is "email1, the number one after email.
Somehow this does not look legit to me.

--
Nuvi 2797LMT, DriveSmart 50 LMT-HD, Using Windows 10. DashCam A108C with GPS.

Look at message headers.

You can't really go by the email address shown as the From address. You have to look at the hidden message headers to determine if the message actually originated from garmin.com or from somewhere else. That said, I don't really see anything wrong with "email1.garmin.com" as a legitimate mail host name.

--
Alan - Android Auto, DriveLuxe 51LMT-S, DriveLuxe 50LMTHD, Nuvi 3597LMTHD, Oregon 550T, Nuvi 855, Nuvi 755T, Lowrance Endura Sierra, Bosch Nyon

yeah, i saw that ...

... and I stored it securely with all the other Privacy Policy notices that I am given ...

... straight into the trash! cool

--

it's the dog's fault

--
Garmin DriveSmart 5 My other toys: IMac quad-core i3, Mac Mini M1. MacOS: Sequoia 15.1.1 The dog's name is Ginger.

.

alandb wrote:

You can't really go by the email address shown as the From address. You have to look at the hidden message headers to determine if the message actually originated from garmin.com or from somewhere else. That said, I don't really see anything wrong with "email1.garmin.com" as a legitimate mail host name.

The above reply is correct. From field can be easily spoofed. email1 is a subdomain of garmin.com. [Anything].garmin.com is legitimate but that does not mean the email is really from garmin. Take a look at the mail header to see where exactly it is coming from.

Good point ...

chewbacca wrote:
alandb wrote:

You can't really go by the email address shown as the From address. You have to look at the hidden message headers to determine if the message actually originated from garmin.com or from somewhere else. That said, I don't really see anything wrong with "email1.garmin.com" as a legitimate mail host name.

The above reply is correct. From field can be easily spoofed. email1 is a subdomain of garmin.com. [Anything].garmin.com is legitimate but that does not mean the email is really from garmin. Take a look at the mail header to see where exactly it is coming from.

Yep ... all good advice ... but the header can also be spoofed, so the real thing to watch out for are links that you might be tempted to click on ... they should also be going to xxxxxx.garmin.com, not garmin.xxxxx.com and DEFINITELY not garmin.xxxx.com.cn smile

CC

.

CookieCutter wrote:

Yep ... all good advice ... but the header can also be spoofed, so the real thing to watch out for are links that you might be tempted to click on ... they should also be going to xxxxxx.garmin.com, not garmin.xxxxx.com and DEFINITELY not garmin.xxxx.com.cn smile

CC

That normally triggers SPF/DKIM flags. I don't think like spammers so I don't know if they tools to beat SPF/DKIM records. You're right though, the bottom line is to never follow what it tells you to do whether that is clicking a link, filling out a form in the email body or opening an attachment (which is normally the malware). If it's just a notification, most damage it does is they know your email address is good.

On

On the other hand, Garmin did update their Privacy Polices recently as shown on:

https://www.garmin.com/en-US/privacy/global/policy/

I suspect the e-mail received is legit.

--
Nuvi 350, 760, 1695LM, 3790LMT, 2460LMT, 3597LMTHD, DriveLuxe 50LMTHD, DriveSmart 61, Garmin Drive 52, Garmin Backup Camera 40 and TomTom XXL540s.

.

renegade734 wrote:

... straight into the trash!

Pretty much. Who reads a congressional-sized document? If you don't agree, they say "don't use the product".

Yeah, right... :/

--
nüvi 3790T | Those who make peaceful revolution impossible, will make violent revolution inevitable ~ JFK

OK according to google's spam filters


Original Message
Message ID <0.0.44.969.1D3D6D9CE12C13C.0@uspmta172057.emarsys.net>
Created at: Wed, Apr 18, 2018 at 1:55 AM (Delivered after 4 seconds)
From: Garmin Using class SMTPMail
To: ******@*****.com
Subject: We’ve Updated Our Privacy Policies
SPF: PASS with IP 195.54.172.57 Learn more
DKIM: 'PASS' with domain email1.garmin.com Learn more
DMARC: 'PASS' Learn more

--
Nüvi 2595LMT

Spam ? Phishing?

WAASup wrote:


Original Message
Message ID <0.0.44.969.1D3D6D9CE12C13C.0@uspmta172057.emarsys.net>
Created at: Wed, Apr 18, 2018 at 1:55 AM (Delivered after 4 seconds)
From: Garmin Using class SMTPMail
To: ******@*****.com
Subject: We’ve Updated Our Privacy Policies
SPF: PASS with IP 195.54.172.57 Learn more
DKIM: 'PASS' with domain email1.garmin.com Learn more
DMARC: 'PASS' Learn more

I always worry about being spammed or a phishing scheme.

I agree the "return" email addy looks strange.

Got another one today

It came to me in the SPAM folder, actually the first did too, so maybe Yahoo knows better than I do.
I did have a look at it and there are two clickable links.
Unless I'm absolutely sure of a message there is no way I'll click a link.
I just deleted it then.
Thanks for your input though.

--
Nuvi 2797LMT, DriveSmart 50 LMT-HD, Using Windows 10. DashCam A108C with GPS.

If...

If you're worried about the email authenticity and want to read Garmin's updated privacy policy, go to the link provided by t923347:

https://www.garmin.com/en-US/privacy/global/policy/

Thanks to t93347 for providing it.

Get Used to it

New laws are being enacted to protect privacy, and when that happens, things like this from Garmin will happen.

The email appears to be legit, I went through many of the links ands never sent to somewhere weird or asked for credentials.

A couple years ago, when the European privacy laws were revised, it caused a HUGE reaction and you should have seen plenty of notifications like this.

--
When you are dead, you don’t know that you are dead. It is only difficult for the others. It is the same when you are stupid.