Google adsense sent me an email that looks just like a phishing email. It's all good barring a "Report.zip" attachment. No signature?
Why are big internet companies still doing this? It's not as bad as the ones that send you an email from a spoof-styled domain ... oh that's Google again [and several others] google@elocation-google.com sends me adwords email with a link saying "http://www.google.co.uk/adwords/coupons/terms.html" that actually goes to http://clicks.elocation-google.com/email/S-... exactly the m.o. of phishers.
Couldn't they just use subdomains of the genuine domain, do some signing or other confirmations?
Seems the standards are very low in being able readily verify sender and content. Can we expect this to get better any time soon.