I received this email from my UK bank, Nationwide (OK, it's actually a building society) recently. An admirable effort on their part to improve security and combat phishing attempts. But can you spot the glaring stupidity? That's right, my postcode is not XXXX XXX. I'm not telling you what it is, but it certainly is not that.
So, the whole point of the email - if your postcode is not shown like it is here the email isn't from us - is totally lost. I know why my postcode isn't shown: I'm an ex-pat with an overseas address, so my postcode isn't UK format. But really that's no excuse. Just flag any overseas addresses first and then leave them out of the mailing. How difficult is that?
Sending an email like this is laughable, and makes Nationwide look silly. It's very poor marketing too, from what is normally a most excellent building society.