Reply to potentially spoofed email

A colleague received an unsolicited email along the lines below:

Dear Ms. Smith

please click on the following link to receive Document X regarding Project Y.

Yours,

Eve Nobody
eve.nobody@company.com


I suggested that my colleague reply to Eve Nobody and ask whether the email is legitimate. Note that we typed in the address of Eve Nobody, since one could tamper with the reply-to header.

I assume three possible scenarios:

  1. Eve Nobody exists and she did send the email
  2. Eve Nobody exists, but she didn’t send the email
  3. Eve Nobody does not exist, and the email-server of company.com will reply with an error message

In all possible scenarios, we only interact with company.com, and not with any potential spoofer. Thus, I consider this course of action safe.

Was my advice sound, or are there other aspects to consider?


For context:

  • We are a firm which does research with academia and industry, hence we have plenty of information on our current projects along with the corresponding researchers. Thus, the information contained in the initial email (a reasonable title for Document X and the title of Project Y) can be gathered from our homepage.
  • company.com is a legitimate company, and is involved in some research of ours.
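The reply-to concern raised in the question, as an added example that is not part of the original post: the script parses a constructed message (addresses and the `mail-company.example` domain are made up) and reports where a plain "Reply" would actually go, flagging the case where the Reply-To domain differs from the From domain.

```python
import email
from email import policy
from email.utils import parseaddr

# Constructed sample message, modelled on the scenario in the question:
# the visible From is at company.com, but a tampered Reply-To header
# would route any reply to a different domain.
SAMPLE_RAW = """\
From: Eve Nobody <eve.nobody@company.com>
Reply-To: Eve Nobody <eve.nobody@mail-company.example>
To: Smith <smith@firm.example>
Subject: Document X regarding Project Y

please click on the following link to receive Document X regarding Project Y.
"""


def domain_of(addr):
    """Return the lower-cased domain part of an address, or '' if none."""
    return addr.rsplit("@", 1)[-1].lower() if "@" in addr else ""


def reply_targets(raw_message):
    """Return (from_addr, effective_reply_addr, mismatch).

    effective_reply_addr is where a mail client's 'Reply' goes
    (Reply-To if present, otherwise From). mismatch is True when its
    domain differs from the From domain, which is the case where
    typing the address by hand, as the question describes, matters.
    """
    msg = email.message_from_string(raw_message, policy=policy.default)
    from_addr = parseaddr(msg.get("From", ""))[1]
    reply_to = msg.get("Reply-To")
    effective = parseaddr(reply_to)[1] if reply_to else from_addr
    mismatch = domain_of(from_addr) != domain_of(effective)
    return from_addr, effective, mismatch


if __name__ == "__main__":
    sender, target, flagged = reply_targets(SAMPLE_RAW)
    print(f"From: {sender}")
    print(f"A plain reply would go to: {target}")
    print(f"Reply-To domain differs from From domain: {flagged}")
```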