----- Original Message -----
From: "Joe Abley via Outages" <outages@outages.org>
On 5 Apr 2016, at 15:29, Joe Zabramski via Outages <outages@outages.org> wrote:
I received a very similar message from Amazon on 3/7/16. Discussion boards seemed to indicate it was legit, however my password was never actually changed by Amazon as the e-mail indicated, nor did I ever change it manually as a result.
The e-mail also appeared legit on the headers, but now that I look at a little more closely it originated from amazonses.com <http://amazonses.com/> which is seems like it might be an e-mail service you can subscribe to?
My assumption would have been that it was a phishing attempt, and that any credentials I had shared in response to the e-mail ought to be assumed compromised immediately.
I'm not familiar with this "discussion board" approach to trusting unexpected requests for login details.
Well, in fairness, none of these things require you to trust anything more than that your browser has you where the URL and certificate badge say it is. "Amazon SES" is, of course the AWS Simple Email Service, but I don't know if that's a valid domain for it. Cheers, -- jra -- Jay R. Ashworth Baylink jra@baylink.com Designer The Things I Think RFC 2100 Ashworth & Associates http://www.bcp38.info 2000 Land Rover DII St Petersburg FL USA BCP38: Ask For It By Name! +1 727 647 1274