Survey for Tour of Watopia [September 2023]

Hey everyone!

Zwift’s Research team will be sending out a survey to collect feedback for the October Tour of Watopia. The email will look like this:

We want to reassure you that this email is legitimate, and comes from Zwift. The survey is conducted through a third party research tool called Qualtrics, and the survey URL will start with

The surveys will be going out Sept 28 to Oct 2. If you receive this email, we’d like to have your feedback, and thank you for participating in the survey.

I got an email from–is that the right one? It asked for “Username or SSN”.

If not, I didn’t get the survey :frowning: If so, I did provide my password and bank pin so you can give me those bonus sweat drops for filling it out. :slight_smile:


I don’t trust ANY email anymore. I receive emails from ‘my bank’, ‘my credit card company (often for cards I don’t even have)’, and even the hosting company for a website I have that are fakes.

ANY EMAIL that asks for your SSN is guaranteed to be a phishing attack! 100%!!

ANY EMAIL that asks for passwords is guaranteed to be a phishing attack! 100%!!

ANY EMAIL that asks for ‘payment’ in gift cards to avoid jail, the IRS, etc, is guaranteed to be a phishing attack! 100%!!

ANY EMAIL from a different email domain (to the right of the ‘@’ sign) is guaranteed to be a phishing attack! 100%!! (ie: an email from your bank, etc, from a Gmail, or other account, or a foreign country)

People that are hacked usually hack themselves. Be careful, be suspicious. I was almost suckered in by an email with a subtle misspelling of the company the attack was spoofing. If I hadn’t looked closely, I would have thought that the email was ‘official’.


Pretty sure @Tom_J was joking


But I have received phishing emails that want that information, and too many people respond to them. It’s no joke that hackers, often state sponsored (working for a foreign government) spammers/hackers depend on their victims gullibility and not paying attention. Decades ago I received a very official email claiming to come from my bank. It looked so good, I actually clicked on the link. The ‘verification process’ screen started asking a lot of information that they should never ask for. I felt embarrassed that I fell for the fake email, and grateful that it stopped at that website. Had I entered all that information, I would have hacked myself. The email spoofed an official looking email domain, and I reported it to anyone I could. I’m sure it swindled hundreds to thousands of people. Phishing is no joke! People need to be aware of how easy it is to be attacked.


No, the act of phishing isn’t a joke. But a joke about phishing is a joke.


But, having been in IT for 40+ years, I’ve run into many people that don’t and won’t get the joke. They will ritualistically click’yes’, and, out of fear/ignorance/whatever, respond to phishing messages. I get the joke, my comments were in no way aimed at you or anyone, they were meant as a ‘psa’ to be careful. I too gotten a few fake Zwift messages. It made me wonder how a rando would know I was on Zwift, but whatever… The uninformed/unaware are easy targets for those attacks, and the spammers/attackers do them because they work.


My wife was just hit by a rather large wave of Amazon phishing messages, and we know that Amazon has hacked, exposing customer lists. Given the weird coincidence of getting an apparently random Zwift phishing email, is it possible that Zwift has been hacked and the attackers are farming the data they received to fleece members? Just too coincidental… :man_shrugging:

You think they hacked into the forum, took on a Zwift staff members ID and created this thread so that they could gather members data?

Dude, there’s no tin foil thick enough…

Or, is it just possible that Tom posted a joke?


Oh, right. Sorry, it was a joke, but I have gotten a couple phishing emails. Only one or two. I just toss them when I identify them as suspect. It was also months ago. I laughed and thought that Zwift has ;made it’ if there are people trying to hack their members. It didn’t hit me until this post that it was odd that it went to a subscriber of Zwift. :man_shrugging: Phishing message have gotten so common, I just toss them. The problem is that if they are spoofing a valid address, if I set up a filter, it could filter out messages that I might actually someday need to receive.

Sure, that was a joke, but reality isn’t joking.