In the last couple of days I’ve received emails (not in-game messages) saying my toons have millions of unclaimed SP from login rewards that are about to expire.
The numbers the emails claim seem wildly exaggerated and anyway I’m very careful to use up all my login SP as soon as I earn them. So I’m pretty sure these are phishing/spam emails. (and I know enough not to click the email links! 
)
Anyone else receiving these emails? 
CCP really should be S/MIME (or OpenPGP) signing their emails (currently they do not) so we can check the signature it’s really them.
I’ve received similar email…it said I had 12 million SP, when actually I have about 7 million. Which made me suspicious. And that I had a big SP reward waiting, and had till April 4th to grab it. But I never log into Eve via any email anyway. I deleted the email, went into Eve, and sure enough there was a big boost of 100K SP waiting for me.
I’d be mostly concerned how these scammers even know your emails. Were you doing RMT something?
emails are easly discovered.
I am more concerned that a company doesn’t want to ensure the integrity of their own communications by digitally signing their emails. That is the purpose of S/MIME and OpenPGP. They already manage key certificates for their websites, it’s a glaring gap in company security and taken advantage off by phishers.
They simply don’t care enough about their reputation integrity to sign their own letters.
Companies tend to be more worried about their logos and branding, but ignore communication integrity.
@CCP_Swift Can we get your take on this? As it’s already turning into rumor mongering and for me I looks like that personalized SP sale that’s been around for some time.
Did it look like this?
If so, log in to the store and see if the offer is there. If yes, it was legit. If no, it was a scam.
Mr Epeen
These are legit e-mails. They quote account/character statistics that would be impossible for an outside party to have unless they literally have access to your account.
The problem is that these e-mails appear to be sent in error. I got a bunch of them for characters that have no SP in the redeeming window. Although I did go through and claim the recent rewards a few days ago, so maybe they were using an old database pull for the e-mail blast or something.
We won’t know without looking at digital signatures.
Post the DKIM of the sending MTA, though those are not for non-repudiation and only between MTA’s and short lived (rotated frequently).
The one I received looked like this below. I found it odd that it said 12 million skill points ( I actually have about 7 million )…though maybe it is counting across all 3 toons. It also seemed a bit odd that I’d ‘missed’ any skill points…as I’d been logged in just 12 hours earlier. I dunno if its the same as what Jin received. In my case, there were actually 100,000 skill points waiting for me when I logged in.
Did it originate from ccpgames.com or eveonline.com?
Looks like It is phishing.
I never, ever, click on links in emails anyway. Not even when I know the link is genuine. It is always safer to just go to the relevant site and log in.
eveonline@email.ccpgames.com
www.ccpgames.com
Link inside leads to:
https://click.email.ccpgames.com/?qs=longstring
The SP amount quoted is definitely account-wide.
How would anyone but CCP have my account-wide SP amount without having access to my account?
CCP NEEDS TO MIND THEIR OWN BUSINESS
DMARC policy for ccpgames.com is quarantine so if it failed the SPF and DKIM checks it would end up in your spam folder likely. Assuming your receiving MTA honours DMARC policies, some don’t.
$ dig txt +short _dmarc.ccpgames.com
"v=DMARC1; p=quarantine; rua=mailto:dmarc@ccpgames.com,mailto:lp7h3k5a@ag.eu.dmarcian.com; fo=0; sp=none; adkim=r; aspf=r; pct=100; rf=afrf; ruf=mailto:dmarc@ccpgames.com,mailto:lp7h3k5a@fr.eu.dmarcian.com"
SPF record showing which IP’s are permitted to send mails on behalf of the domain
$ dig txt +short ccpgames.com | grep -i v=spf1
"v=spf1 mx ip4:87.237.32.0/24 ip4:87.237.38.0/24 ip4:87.237.39.0/24 ip4:87.237.37.40 ip4:70.158.189.46 ip4:70.158.189.240 include:spf.protection.outlook.com -all"
You can find the DKIM selector in your DKIM-Signature header’s s field.
$ dig txt +short selector._domainkey.ccpgames.com
_6d355a615b9d06ec09a5cd8913f6b548.tljzshvwok.acm-validations.aws.
"07ca81478e5c4b85a2d84c0f672680d6"
"18090b6a65cc453d951d25b2ef888221"
Never! (Out side of the offical EVE store)
More like:
Listed my toon’s name. Skill Points (which is pretty close to the total SP the toon has), Last Login Date (which was correct), then said:
" Claim your Skill Points!
Expiring Soon. Don’t delay!
You have unredeemed Skill Points that will expire on 4 April, 2022. Claim them while they are still available, and start training your pilot so you can do more and be more in New Eden.
This applies specifically to Skill Points earned as login rewards. Unallocated Skill Points acquired through the use of skill injectors – or via the redeeming system – won’t expire."
The link it want’s me to click is https: //click.email.ccpgames.com/?qs=4cbdea17a209bdbbbaa51a1fabfae282468efb5e9bcb4abcc3bb807481bf7e915ee2ef7931f482926b5173f3ec1313e6ec45a441d0c3a920
^^^That doesn’t look Kosher to me. 
Bingo! Exactly what I got.
Where did you see the 100k SP waiting?
I’ve checked my items to redeem and daily login items very carefully. I see no SP.
Don’t want to lose SP if it is legit.