I received an email from United Airlines today about their "Elite Choice" program, saying that I had reached a certain number of Elite Qualifying Miles and was eligible for an award. I clicked through, and was confronted with this page:
The URL is , which instantly made me suspicious. Furthermore, all of the other links in the email were shortened URLs hosted at *link.p0.com* (instead of at the united.com domain). This made me even more suspicious. I was *sure* that it was some sort of scam, but then I remembered that I actually enrolled in this program, and that the number of miles they said I had reached matched the number I actually had. I looked back at old emails from United, and all of them use the *link.p0.com* URL shortener. That was enough information for me to continue to login (and indeed, it worked, and I received a confirmation email from United)... but I very nearly did not follow through. If United's goal was to stop some percentage of people from going through with the reward redemption process (due to healthy paranoia), they are geniuses.
If *any* company asked me to supply login credentials on a site with a second domain name, I would balk. Can you imagine if Paypal asked you to login at something like paypalrewards.com?
Every company needs an internet-savvy employee or two on staff. In this case, we can't be sure if it was idiocy or genius.