'Please DON'T email us your credit card details!' blog discussion

Former_MSE_Penelope

This is the discussion to link on the back of Martin's blog. Please read the blog first, as this discussion follows it.

Read Martin's "Please DON'T email us your credit card details!" Blog.

Please click reply to discuss below.

DarkConvict

I know the feeling about getting emailed card details, i seem to have a popular email address with GMail, and have had numerous emails for Jon Willis's around the world, the best by far was in 2008, when an email had been passed back and forth between a Jon Willis in singapore and his secretary. To my great surprise after about 10 emails the secretary manually typed in the email address 'wrong' instead of clicking reply, i was sent the full sent of 10 emails which was requests for a flight, name, address, card number and all card security details and plenty of other info i could have used. :rolleyes:

Later that year i got an email for the same person detailing information about his new address as the delivery firm was moving there items to another country.

Given the previous email chain, i forwarded them onto the correct email address.

segarrett

I often have to stop people from emailing me their credit card details. I [FONT=&quot]occasionally have to take credit card details over the phone, and people often suggest they email them to me.
Talking to people, I'm also amazed at how many use the same password for everything: I know you blogged about this recently.
So, yes, there are an awful lot of people who really do need some help understanding the basics of security. Thanks for providing it. The problem is getting them to listen and inwardly digest.

[/FONT]

mrmajika

:rotfl::rotfl::rotfl:
You couldn't make it up. Never underestimate the stupidity of the Great British Public!!



Reminds me of when I used to work in the call centre for LTSB and someone phoned to complain that their debit card wouldn't work (which was due to a UK wide system fault).

I apologised and calmly explained to the customer that the problem wasn't specific to their card and it was a nationwide fault.

The reply: "But I don't bank with Nationwide, I bank with Lloyds TSB!?"

DarkConvict

That is quite funny mrmajika

From MIB, at least that's where i first heard it. A person is smart, people are dumb panicky creatures.

ElkyElky

LOL The blog post was rather amusing.

In all seriousness, who on earth would be stupid enough to email credit card details wily nilly? If they've sent MSE their details, they are no doubt capable of sending their details to other people too. Who the hell does this? (serious question).

That person is just asking to be defrauded, and when that time comes, they'll run to the credit card company moaning and whining they've done nothing wrong.

It's good to know the people at 'MSE Towers' are trustworthy and deleted the information, rather than going out on a shopping spree courtesy of the idiotic person.


(sends his credit cards into MSE via snail mail with the pins attached).

TurkishDelight

It doesn't matter what you write as a company, some customer somewhere will always misread it.

It's when it becomes a significant percentage that you have to worry.

In this case though, in a odd way, it's the best thing they could have done.

Some (no doubt politely and clearly worded) sensible advice is about the best outcome of randomly giving out your credit card details.

StumpyPumpy

What surprises me is the number of large organisations whose online websites do not validate the emails they are given by users. One email address I use is short and easy to remember @Live.com, given to me long before Live.com addresses were made available to the public and so not full of the usual additional numbers or prepended initials. The downside to having an easy address is people sometimes use it to sign up to websites - either in error or maliciously - I can't always tell (I also have the same address @Live.co.uk, but that is never any trouble)

The most recent misdirected mail was an order from Walmart providing full access to Walmart's online shopping site, and while the credit card number was blanked but for the last 4 digits, all other personal information was available to me. Had I been minded, I could have changed delivery address, cancelled the order, created my own orders or anything else I wished. I went as far as the "confirm order" page to prove the point to myself.

Luckily for the person that gave me this power, I choose not to use it. I never do, but I do lock the account and change the password, and I'll change the email if possible.

When the simplest of message boards (ahem, mentioning no names) can manage to implement an email validation system, it beggars belief that some huge multinationals can't.

SP

kezbabybabe

The opposite incident happened to me, where O2 emailed me regarding a Mobile recycling issues which I didn't want to proceed with. They needed to charge me £10 admin fee to send the mobile phone back to me, so they sent me an email asking for all my card details including the CVV number! :eek:

Don't worry I phoned them up and gave it over the phone and also pointed out that their email needs to be changed as people wouldn't think twice about sending such information through an unsecure network.

krazykidskate

They have probably seen all the celebrities handing over their cards and wallets to you on 'It Pays to Watch' and think it's the done thing.