Spammers are trying really hard to make their mails look good so people read and click on the links. But what happens when legitimate companies screw up and their mails look phishing??

Today I received a mail which on first glance came from “”. They are trying to get me to sign up online. It does include a “license number” and when I looked up my paper copy turns out to be the same number.. Did TV license loose lots of account details??

The real kicker here is all the links in the e-mail all point to an IP address “”, yes an IP address not a domain name!!

Worse yet.. the URL appears encoded/encrypted:


The mail headers also include a bunch of different domains.

Received: from 
([]) by 
with Microsoft SMTPSVC(6.0.3790.3959); 
Thu, 27 Apr 2017 21:30:12 +0100

X-Virus-Scanned: CHECKING at

Received-Spf: Pass (sender SPF authorized) 
identity=mailfrom; client-ip=;;;

So who is

To be honest at this point I’m really not sure if this is real or phishing?

I don’t think I’ll be clicking on any of the links and will just ignore the mail.. I suggest anyone else who sees this does the same.