Suspected spammer: [email protected]
Received by us: Fri, 23 May 2025 23:41:30 +0000 (UTC)
SpamAssasin rating: -1.0
Email analysis
This email appears to be an automated response from a legitimate service provider, in this case, Southern Water. However, potential red flags and issues exist that could indicate that all is not as it seems.
First, the sender’s name format – “sm_noreply via u1” – instead of a clear indication of an official email account raises suspicion. Legitimate organizations typically use their recognized domains for such automated responses; the combining of “[email protected]” with a “southernwater.co.uk” reply-to address is an unusual setup. This duality may signify that the email has been sent from an unmonitored address, often used in spam or phishing scenarios when a response is discouraged.
Furthermore, while the content appears standard for an acknowledgment from customer service, the lack of personalized addressing and the vague phrasing of “we’re on the case” suggest a generic template that could easily be replicated by scammers. The message also encourages recipients not to reply, a tactic sometimes used to avoid engagement in fraudulent communications.
Readers should always verify the sending address of such correspondence against known legitimate contact details from the official website of the organization. If uncertain about the authenticity of an email, it’s essential to contact the service provider directly via official communication channels instead of responding to the message received.
The email's subject was excessively long. For aesthetic reasons, we truncated it. The full version is reproduced below.
Re : Re: Auto Reply: Email Acknowledgement – Case Number: 05058727 – ref:!00D200MMg5.!500QC0MCYCY:ref
HTML Email
Thanks for getting in touch…
[Water for Life – Southern Water] [{Hyperlink removed} ]
Thanks for getting in touch
Hello
Thanks for your email. We’re on the case and will respond within 5 working days.
Please don’t reply as this is an automatic message.
Many thanks The Southern Water Team
[Fotter ripple]
Join the conversation
[Facebook] [{Hyperlink removed} ] [Twitter] [{Hyperlink removed} ] [LinkedIn] [{Hyperlink removed} ] [Instagram] [{Hyperlink removed} ] [Vimeo] [{Hyperlink removed} ]
Southern Water Services Southern House, Yeoman Road, Worthing, West Sussex, BN13 3NX. Copyright © 2020 Southern Water. All Rights Reserved. Registered in England and Wales. Company number 2366670.
To find out more about how we use your information read our Privacy notice [{Hyperlink removed} ].
[Water for Life – Southern Water] [{Hyperlink removed} ]
This e-mail is intended solely for the person or organisation to which it is addressed. It may contain privileged and confidential information. If you are not the intended recipient, you are prohibited from copying, disclosing or distributing this e-mail or its contents (as it may be unlawful for you to do so) or taking any action in reliance on it.
If you receive this e-mail by mistake, please delete it then advise the sender immediately.
Without prejudice to the above prohibition on unauthorised copying and disclosure of this e-mail or its contents, it is your responsibility to ensure that any onward transmission, opening or use of this message and any attachments will not adversely affect your or the onward recipients’ systems or data. Please carry out such virus and other such checks as you consider appropriate.
An e-mail reply to this address may be subject to monitoring for operational reasons or lawful business practices
This e-mail is issued by Southern Water Services Limited, company number 2366670, registered in England and having its registered office at Southern House, Yeoman Road, Worthing, BN13 3NX, England.
In sending this e-mail the sender cannot be deemed to have specified authority and the contents of the e-mail will have no contractual effect unless (in either case) it is otherwise agreed between Southern Water Services Limited and the recipient.
2 comments
I’m getting a number of these again. I get a small bunch like this every so often. In my case a (long ago harvested and unused by me) username seems to be Bcc’d. It seems to be a very isolated thing, not some known technique used by many people.
I can’t see the purpose to anyone of raising loads of support tickets. Could it possibly identify the helpdesk software used and therefore potential vulnerabilities? I wonder if adding one or a few random Bccs somehow makes them look less spammy.
I’m puzzled. If the person raising the ticket Bcc’d me in it, the recipient wouldn’t see it and I wouldn’t be Bcc’d in their response. If I was Ccd, then the response would Cc me, not Bcc. This suggests that the whole correspondence may be faked. But the messages are full of genuine-looking DKIM and ARC passes.
I get the auto-acks (we’ll get back to you), but never any actual response to the ticket.
No, no reason to assume I was Bcc’d. The To: is either the spammer or missing. My address is only in the Envelope-To. The original analysis suggests that the auto-ack is fake and not from Southern Water. I hope someone can work out _what_ is happening, and then _why_.