Yesterday I got an e-mail saying it was and open letter from United Airlines to its "best customers" about the high cost of fuel and how it is causing problems in the industry. The gist of the e-mail was that speculation on the cost of oil is what is driving up the cost of oil and that the government needs to regulate the market to save us all from high fuel prices. I was immediately suspicious because I have flown United Airlines but do not have enough miles to be awarded any status in their frequent flier program. The e-mail was "signed" by the executives of several airlines asking me to  I didn't click on the link for several reasons.
1. I was busy and didn't think I had the time.
2. The text on the link and the actual link didn't point to the same web site. The link goes through unitedoffers.com which could be a web site by United Airlines but I didn't want to spend the time to check it out.
3. As I already stated I was a little suspicious of the "best customers" claims.
4. I generally don't click on links in unsolicited e-mail but instead prefer to go directly to the web site linked to.
5. The emotional nature of the subject. When I get an e-mail that gets me fired up and angry I always try to stop, calm down, and think a little before I do anything with it. This was drilled into me early on in my career by a VP of Software Engineering who would talk a lot about Carreer Shortening Moves.

Later in the day yesterday I got my monthly notice from Delta Airlines about my frequent flier account. Since I fly with Delta and have a lot of frequent flier miles I was sure they would mention this open letter since they were one of the signers. They didn't so I was pretty sure it was a phishing e-mail. I went on my way smug in my assurance that I had done the right thing.

As I was watching the local news they ran a story about the open letter. The story was more about the rising cost of fuel for airlines and the number of layoffs each airline had announced for this year but they did mention the open letter. So then I got to thinking that maybe the letter was legitimate.

This morning I spent a few minutes looking around for the answer to the question on whether the e-mail is valid or not. Here is what I found out.

When I went to the TV station's web site I couldn't find the article in the list of most recent articles. I also tried their search on the site but it couldn't find the article either. That makes me wonder why other stories from last night are on the web site but not that one. [+1 for phishing e-mail]

I checked the United Airlines, Delta Airlines, and Delta Airlines blog sites but didn't see the open letter mentioned on any of them. [+3 for phising e-mail]

Unitedoffers.com redirects back to the United Airlines web site. [+1 for legitimate e-mail]

I typed in the address of the link in the e-mail. The site looks like it is calling for reform of the oil speculation market. I haven't clicked on any other links. [+1 for legitimate e-mail]

Doing a Live search and Google search for the web site bring up the web site, a lot of people asking in forums if this is a real site, and some descriptions like this one:
"Go to the web site and enter your zip code so your representatives can be identified. Next, enter some personal information and emails get sent to the peeps that made an oath to serve." [Neutral since I don't know what personal information they are collecting]

In the end analysis I decided that I wasn't curious enough to go to the web site and enter my personal information (or even get to the page where I could see what the information they are asking for is) so I may never know if this is a legitimate e-mail or not. If I start seeing it posted to the official web sites of the airlines that supposedly signed the document I will probably decide that it is legitimate and then see if I want to sign the petition. The other thing that I have decided to do is to give into the emotion that I felt when I first read the e-mail and look up the e-mail address of my Senators and Representative and ask them if they have seen this and if there is anything that they can do.

Read the complete post at http://www.grokdev.com/Blogs/scott/2008/07/11/DetectingPhishingEmail.aspx