I have just read an email from you about activating Pay Day put away, and it offers a link to activate it, I’ve spent 2 over decades promoting security on forums, and over 4 decades doing it in person to CYA, and the golden rule is to NEVER, click a link you don’t know, and further to that stuck up on the highest Pedestal you can ever get, ESPECIALLY, where it concerns money, I don’t even get links from my bank for this reason, and not that far back I hammered PayPal for doing this, and they said that they do not do this, and it was a slip.
Links to the forum topics is not bad once you know them, but hovering over the link is something everyone should do before clicking, and you can view the link address by doing so, therefore you can see where it ‘should’ take you, but there are many ways to spoof such things, but as long as you use caution you should be OK, but there are no guarantees, just use caution and protection as best you can.
Anyway this invite to activate this service was a myriad of every character pretty much, there was no clear www.chip(dot)com anything, I appreciate the secure address was enabled, but it was just mixed up, namely; https :// chip-6f6bc………com-mail(dot)com/…/…etc, in fact a further 117 characters on top of this, now I’m not saying the link is bad or anything here, but your dealing with money, a person has not got a hope in hell of knowing if that is safe or not, and that’s from someone who warns of such risk areas.
I know that if you are targeting a specific group, to their account will become a quite extensive length to use by individuals, but my point is the second it comes to anything where security is tantamount, you should not send a link, instead you should send instructions of what they have to do, saying go to your account… etc, which ironically you did 2 paragraphs further down, saying; “Find Payday Put Away under Save Settings in the Profile tab.” a total of 59 characters.
You need to remember that using any kind of address other than the chip(dot)com, even with the https://, because a common trick is to create a variant of the legitimate address, often in a very simple way of an extra .(dot) Or a break in the natural domain e.g. com-mail(dot)com, I don’t know if many would agree, but I would certainly expect a plain, no link email (it can have pretty colours LOL, just no links), hope this makes sense anyway.
Dam your auto hotlinking, that can cause problems at times like this, imagine if I posted the full link here, aside from the fact that they could be copied and pasted, anyone could click on them to see what it is, and the worst bit is then inability to easily remove them (highlight them and select break link), took a few try’s to make it work, or I should say Not work.