Slashdot Mirror
Ask Slashdot: Dealing With Ongoing Suspected Identity Theft?
njnnja writes: My wife receives periodic emails (about once every other month) from a cable company that is not in our service area that purport to confirm that she has made changes to her account, such as re-setting her password. Her email address is not a common one so we do not believe that it is someone accidentally using it; rather, we believe that an identity thief is subscribing to cable services intentionally using her name and email address.
Whenever we have gotten an email we have called the cable company, been forwarded to their security department, and we are assured that her social security number is not being used and that they will clear her name and email address out of their system. Yet a few weeks later we get another email. Our concern is that when the cable company goes after my wife for the unpaid balance on the account I am sure that neither they nor a collection agency will care much that it's not her social security number — it's her name and they will demand she pays.
We have a very strong password (long, completely random string of chars, nums, and symbols) and 2-factor authentication on the email account so we are fairly certain that no one is currently hacking into her email (at least, it's not worth it for however many thousands of dollars they can actually steal off this scam), But we think that the cable company should be doing more to not be complicit in an attempted identity theft. We have made it clear that we don't live in the area they cover so we should not have an account, but the fact that they keep setting up an account in her name means that they just don't care. Which is fine; I don't expect a cable company to care that they inconvenience us, but I would like to know if there is any way that we can make them care about it (liability, regulations, etc). I know YANAL but does anyone have any ideas about how to handle this? Thanks. Have a question for Slashdot's readers? Take a look at other recent questions first to see if someone else has had a similar question. And if not, ask away! The more details and context you include, the more likely your question will be selected.
Whenever we have gotten an email we have called the cable company, been forwarded to their security department, and we are assured that her social security number is not being used and that they will clear her name and email address out of their system. Yet a few weeks later we get another email. Our concern is that when the cable company goes after my wife for the unpaid balance on the account I am sure that neither they nor a collection agency will care much that it's not her social security number — it's her name and they will demand she pays.
We have a very strong password (long, completely random string of chars, nums, and symbols) and 2-factor authentication on the email account so we are fairly certain that no one is currently hacking into her email (at least, it's not worth it for however many thousands of dollars they can actually steal off this scam), But we think that the cable company should be doing more to not be complicit in an attempted identity theft. We have made it clear that we don't live in the area they cover so we should not have an account, but the fact that they keep setting up an account in her name means that they just don't care. Which is fine; I don't expect a cable company to care that they inconvenience us, but I would like to know if there is any way that we can make them care about it (liability, regulations, etc). I know YANAL but does anyone have any ideas about how to handle this? Thanks. Have a question for Slashdot's readers? Take a look at other recent questions first to see if someone else has had a similar question. And if not, ask away! The more details and context you include, the more likely your question will be selected.
Is it addressed to her name or her email address? If just the latter, than who cares, add it to the spam filter. Or recover the login information and unsubscribe the person from all their services.
Your hair look like poop, Bob! - Wanker.
Do something extremely illegal, but get away with it, they issue a warrant for your arrest, they get popped when they track them down.
Problem solved.
I've never heard of a company being able to do this. If they don't have your wife's SSN or mailing address, how would they bill you (her) for service? I'm not sold on this being intentional identity theft - are you seeing any other signs of this happening? The last time my info was compromised I saw plenty of other activity that indicated it happened. This seems like a strange case of mistaken identity from my vantage point.
Damn_registrars has no butt-hole. Damn_registrars has no use for a butt-hole.
That which can be explained by a cable company's incompetence.
If it's ONLY the one cable company that is using her name I'd say the problem here is with that cable company. I'd get on the local (to them) news with how little they care about dealing with identity issues. Bet the problem goes away after that. Have you run a credit report to confirm there isn't anything else odd? It seems unlikely that her ID would be used only for cable...
K Man
Your next stop at this point should be the regulators for the state where the cable company is operating. File a complaint with them. You may also want to file a complaint with your own state's regulators.
Most public utilities, cable, electric, telephone are hypersensitive to complaints filed with the regulators, even if it doesn't show publicly, because it affects the rates they can charge.
Good luck!
Keep a record and ask for a reference for the phone calls you make to them. Also ask them to send you a letter in the mail confirming you have contacted them. If the worst ever happens you can always fall back on the fact that you made them aware of the issues beforehand thus negating any liability.
If all possible, look at all the headers in the email to verify that it truly is coming from that cable company. Also, when you call the company, do they really have an account for her?
Is anyone living in the cable company's service area who has your wife's first and last name? It is generally easier to be certain of a "yes" than a "no" answer on this, of course, but it is worth checking for if you haven't already. I'm not sold on this being intentional fraud, as it is generally not worth the effort to steal someone's identity just to get free cable for a couple months.
Damn_registrars has no butt-hole. Damn_registrars has no use for a butt-hole.
Which is easier to believe: That a sophisticated criminal organization is involved in an ongoing plot to usurp your wife's identity and destroy her credit, or that the local cable company is run by a a bunch of half-wits who couldn't figure out how to cancel an account or correct false customer information if their jobs depended on it?
Or, perhaps that Slashdot is a good source for legal advice?
Record your conversations with the cable company. If they do something stupid, like put things in credit reports, you can sue them.
But so far nothing seemed to have happened.
Are you sure that the cable company in question is a legitimate business and not just a scam hoping that you call them to be 'forwarded to their security department' so they can pull personal information from you... ya know, to make sure that you "aren't being billed anything". (sounds like a reasonable hook, to me)
Otherwise I'd imagine using someone else's name and e-mail address is not in any way indicative of a contract and they wouldn't be able to prove anything to go after you, personally.
If the email account provier in question doesn't offer good security measures abandon it, there's no recourse.
Her email address is not a common one so we do not believe that it is someone accidentally using it; rather, we believe that an identity thief is subscribing to cable services intentionally using her name and email address.
Or someone just happened to use a similar email address and misstyped theirs. Are you actually getting emails regarding unpaid bills for the cable company, or is it just simple account-type stuff like changing passwords? Or charges attempting to be made against any of your credit cards? If you are getting emails once a month, it sounds to me like someone put in the wrong email and when they go to pay it online they change the password because they can't log in. And even if there was an unpaid balance, the first thing they would do is send the bills to the physical address they have on file or to the holder of the card that was used to intially set up service, which is also where any collections would likely start.
Hell, 10 years ago I used to get recordings on my phone that someone had overdue movies at Blockbuster. I didn't immediately assume someone was using my identity to steal movies from them in some criminal enterprise, I just figured they had put in a wrong number.
The only thing necessary for evil to triumph is for it to be pitted against a slightly greater evil
Oh fuck me remember to disable WPS on your router! And then check it has really been disabled!
I've had some or multiple asshats do this several times.
I'm not sure why he can't get his email address right, but it's pretty clear this would stop if the offending organizations used a validation scheme.
Regardless, an incorrectly used email address doesn't quite quantify as identity theft. Hell, I'm not sure why you would think the cable bill would be remotely in your name. You see, utilities are tied to a physical address and it would fairly straight forward to rule out foul play.
Last person that decided they would use my email address for their xbox account found out why that was a really bad idea. At least, I hope by now they have called msft to have their account password reset and their email address set to something more tangible then 'stopusingmyemail.' I have to assume they wanted me to manage their account since they gave me unrestricted access to it and supplied my email address for said management. I might have been wrong, but the notifications have stopped.
It happens to me all the time, I have a relatively common Gmail address using my first initial and last name. I frequently get misdirected email from a variety of vendors where someone gave them my email address by mistake. I used to try to contact the merchant and tell them, but they rarely respond intelligently (usually they tell me to log on to my account and change the address... duh, I don't have an account!). So now I usually just flag them as spam and ignore them.
Comcast has been sending me monthly bill notifications for someone else's account for over a year, I emailed them, but they told me to call and I didn't feel like calling, so I've been ignoring it.
Some guy keeps sending me his flight reservations, I could screw with him and cancel his flights online or maybe keep changing his seat to put him next to the bathroom.
One guy said he was going to sue me for stealing his email address when I told him that he's using the wrong address, he swore that he'd been using that address for 5 years and that I stole it from him.
Are you familiar with the recent judgement against Time Warner Cable over a very similar matter?
we are assured that her social security number is not being used and that they will clear her name and email address out of their system. Yet a few weeks later we get another email.
Then they are not clearing it out: they are either incompetent or lying. Consider having a lawyer draft a letter referencing this recent judgement. That might help.
xiw93*@dH;_=>qxprrb0 djab9
Try a cypher.
Jed: "Jethro, come over here boy. I want you to cypher this out."
Jethro: "OK Pauw."
Ha ha
My wife has had this happen to her too. Someone used her e-mail address when signing up for their Comcast account and Comcast kept e-mailing my wife with account updates. (We're not in a Comcast area.) She called and they essentially said there was nothing they could do since she wasn't the account holder. They needed the account holder's permission to change the e-mail that was going to my wife. The same account holder who put in my wife's e-mail address in the first place. (I believe they eventually contacted the person and sorted the issue out, but she still gets the occasional e-mail when the person again puts my wife's e-mail address into a system.)
All this being said, I wouldn't say that "has the wrong e-mail address in the system" is Identity Theft. You're getting pestered with e-mails, sure, but they aren't impacting your credit report, charging you for the other person's service, or anything else. As a victim of Identity theft myself (my name/SSN/DOB/address were used to open a credit card in my name), it takes a lot more than "put your e-mail address in the system" to qualify.
My sci-fi novel, Ghost Thief, is now available from Amazon.com.
I did a spot check on my credit report and was surprised to find out that I had an unpaid bill with the local electric company. So I called them up. I owed them $2.75 for a closing bill that I never received two years earlier. They had my current address and phone number, made no attempt to collect on the balance during that time, and refused to remove the item from my credit report. I paid the bill and waited another five years for the entry to fall off my credit report.
Yeah, and if you are going to steal cable for a few months why use the real email address instead of some burner email address?
I get plenty of mail to my address from people with very similar names (happens when your email is some conglomerate of your name).
My best friend for many years now is a college buddy who is a lawyer. He has taught me a lot about how the law really works in the USA and I can assure you that what people who aren't lawyers say is true about the law and how it really works are not the same at all. I'm pretty sure that people can't just open accounts in your wife's name in another state where it's easy to prove you don't live and without her social security number somehow make you responsible for it, but again, you probably really need to talk to a lawyer. I know it sucks to pay one, but lawyers can do a lot for you like send legal threats on your behalf to the cable company to, ahem, "encourage" them to get a lot more interested in your problem before it grows into a much worse problem for them . If they do actually have her social security number then that is a completely different situation and her identity is already compromised. You need a lawyer for that too. I have to ask - are you definitely sure that the cable company really has her email and name on file and that this isn't some really good phishing email trying to get you to click on a suspicious link and doing identity theft that way?
This one is simple: steal someone else's identity. The last one left without an identity loses and we shun them.
https://www.eff.org/https-everywhere
1: Contact both your local police and the police for where the account is registered. Give them as much information as you can when filing the formal complaint.
2: Contact the major credit bureaus and file a fraud alert. This will help mitigate what damage has already been done.
3. Contact the BBB for the region and file a complaint.
4. If a local TV station has one of those "troubleshooter" things where they go after businesses as consumer advocates for issues, try to get them involved, if not, check the same for the locality of the cable provider and try them.
5: Seriously do 3 and 4. Companies don't like public bad PR campaigns run against them. They tend to take action off of these kinds of things.
6. If none of the above work, seek legal counsel. You will have to drag them through the court system if none of the above work. Document all of the above actions in extreme detail as they will be useful if this has to go before a judge. This includes recording phone calls (you will legally have to disclose to the person on the phone that the call is being monitored and recorded, otherwise they will be inadmissible as evidence)
You know, never attribute to malice that which is adequately explained by stupidity.
There's less than 250 people in the US with my last name. There's only one other person who shares my first and last name. My email address is my first initial, last name, and I semioccasionally receive emails - important ones, job hunting and health-related, among others- intended for my evil twin. (Well, they're more likely the good twin)
It's easy to typo an email address, and doubly so for other people to do so. If my email address is acoward@example.com, my doppelganger's email could easily be acoward1@example.com, aacoward@example.com, or even acoward on a different free email provider. If they're talking to a service rep ("Why did my email address disappear from my account again?"), it's entirely possible that they mishear the email address ("I see it was acoward, do you want me to change it back?").
As to how to fix it, if getting tier-two tech support hasn't solved it, your spam filter will.
And what the fuck will this do for the belief that someone is using that email address for a cable service?
Honestly, you're said nothing useful or intelligent other than "Yarg, teh Windoze is teh sux0r, change teh passwords".
Email is not a valid method of legal notification. If they send something to your house or start calling, then get worried. Most likely somebody is too dumb to realize that if their name is John Doe, then johndoe@gmail.com is not automatically their email address, or, unable to opt out of receiving emails as they should be able to do, they fed the company a false email address so they don't have to get spammed.
I get email on my yahoo account for someone with the same first initial and last name as me. They apparently made the same assumption that they own that yahoo address. They subscribe to extremely liberal newsletters (which they never receive, and I don't care to receive, and do not use a proper opt-in confirmation). They get coupons for stores I don't go to (they live in Minnesota guessing by some of the stuff they get). I'm not worried about identity theft from them, though. Maybe character assassination if anybody ever tries to use my yahoo account contents as an establishment of character.
If you are not allowed to question your government then the government has answered your question.
Find out what anti-spam laws exist in your jurisdiction and on your next conversation with the cable company inform them that since neither you nor your wife have a financial association with them and that neither of you have been asked to agree or opt-out of receiving communications from them then they need to stop or be reported an possibly fined up to $x,xxx,xxx.xx for this infraction. BTW: Their company letter head and email signature counts as an advert.
Also tell them that if you do get further communication over this medium you will as well as reporting them, assume they are in agreement to pay you $50 for use of your devices to receive their advert.
I had this problem a while back with a company not updating their online store finder info and thus giving prospective customers my cell number. after several calls one email of the above resulted in removal of the information within 6 hours.
Someone did that to me w/ Skype. I tried to login, requested a password reset, logged in and then disabled the account.
I get similar emails from auto places saying this r that service ws perfgormed or whatever. It appears to me that someone associated my email with a real person who really is doing these things, getting service etc. In my case the person doesn't owe money, so i don't worry about it. If it was an unpaid bill, I still wouldn't worry about it since an email is not an identifier and neither is the fact that someone has your name and email a contract with that person.
There are lots of innocent ways your email and name and even SS can become conected to just random things. Consider that the cable company probably outsources it's processing functions to some 3rd party and that 3rd party has lots of customers including one your email + name combination was or is a legitimate part of. Any mistaken action by this 3rd party could result in cross pollination of internal lists and viola!, you're now a customer of this cable company in the eyes of this 3rd party.
This is just one scenario; there are tons of others but you get the idea- your [name + email + other personal info] makes it's way around the internet of service providers and data brokers which is a part of the internet you are generally unaware of but which is absolutely huge and very active. Your info is a record in a thousand million databases with absolutely zero regulatory oversight. Just one bad SQL statement by one employee once can set off a big or small chain reaction of events in the world of who is who's customer, who has what characteristics, who has been served what ads, who is a "limited income pensioner who still beleives their luck might change" or "unemployed porn-addicted compulsive masterbator" or "father whose daughter was killed in a car crash".
The procedures, policies, and practices of databrokers are effectively the wild west. They're making hay while they can since their actions have real consequences to real people in the real world (if you're friends with someone who gets into debt, your own credit rating goes down now). If all the fallout you're experiencing from this frentic activity is errant emails for phantom services, then consider yourself lucky.
I lost my driver's license some time ago at a coffeeshop- it was stolen. I am still waiting to picked up for some heinous crime commited in some other state one of these days.
A Hotmail account I signed up for in 1996 or 1997 is often used as a throw-away e-mail by idiots all the time.
Often, I will log in to the service they used my address for, and reset the password and take it over, just to let it sit.
If morons are dumb enough to use my e-mail, then they should not have access to whatever service they signed up for.
One time, a "sugardaddy.com" account used my e-mail, and I took it over, changing the profile pics to some handy images from "faces of meth" and spicing up the profile. Sadly, a drug-addicted, STD carrying woman still sparks a lot of interest, apparently, among "sugar daddies"
Since you don't have any contract with that company for the provided services, why do you worry ?
At least in EU, no cable/telco company can provide you such service without a contract, and without a contract they cannot bill you for anything. And technically speaking, if you have no access for those services (and I assume you have not), they cannot bill you - you can still receive a letter claiming so, but it's empty of legal support.
Maybe it's different in US, but I'd find it very strange if so.
I get "confirmations" for purchases, requests for feedback on purchases I never made, and account credentials resets for banks all the time. I know they are spam because they go to three or four of my email addresses at the same time. I’m guessing that someone is sending out millions of these resets, hoping to catch a few login credentials.
My wife has a common first and last name... her email address is her first name and last name @gmail... She gets everything from electric bills to HOME MORTGAGE CLOSING PAPERS for other people. When she emails back and explains that this is not that person's email address... the idiots become hostile and accuse her of being a hacker.
Now any time she gets a bill for any service, her first step is to recover the password, then schedule service disconnect. Seems harsh, but it is the only way. She has dealt with this for years... Hell if she were malicious, she has the account balance, social security number, bank account numbers, credit history, and/or University staff login credentials for half a dozen people who have targeted her for "reverse identity theft." No matter how much she begs them to stop.
Oh by the way... other woman who lives in NYC, 5 guys burgers emailed and said your order is ready for pick-up.... Maybe eating burgers and fries 6 times a week isn't the best for you though.
Are you certain the emails are from the cable company? A common scam is to send fake emails to convince you to give them your account info and passwords. Usually those scams are for bank accounts, but you never know -- especially since they're asking you to make a payment. Is the URL in the email the same as the cable company?
Another possibility is that someone entered her email address instead of their own when making their account.
Don't waste your vote! Vote for whoever you want, unless you live in a swing state it won't matter anyways
Is the e-mail address the ONLY accurate information they have on file? I hope you did not provide a publicly searchable phone number or such information to them when you called. They WILL enter it into the system and it will be used if they ever need to collect on that account. If they have any other information, such as a physical address or even a zip code, then you need to get it taken care of. Companies can, and do, file erroneous negative credit report entries without having a social security number if they can track down the person they 'think' is accurate. This is especially true of utility, cable, and Internet providers. I have seen it happen multiple times to my ex, once with an old recycled phone number (The Bill-Me-Later companies) and with a previous 10+ year old common maiden name that was just in the same city. I would first file a complaint with the cable regulator in that area, as was already suggested by someone else.
Have you looked at the links in the email? Have you looked at the email headers to find out exactly where it is coming from? It is pretty common to send emails like this to get you to enter information on a false site where they log it and then try to use those login details somewhere else... hence the reason multi-factor authentication was invented.
When people sign up for things using one of my email addresses, I simply recover the password through email, then login, cancel the account, change the password and move on.
There is a jackass in NYC who shares my name, and has signed up for things like Spotify and Netflix using a variation of my gmail address (minus the periods, which do not matter to gmail). I cancel everythng he orders using my email address.
"So it's the only sensible operating system to run on all of your devices. If a device is not capable of running OpenBSD, then you're better off not using that device at all."
Yes, throw your phone away.
Get a lawyer to send them a letter saying you've already informed them multiple times you're not even a customer, and will now sue for harassment if they don't cease further communications with you.
What is it with "SubjectsInCommentsAreStupid"
Only the State obtains its revenue by coercion. - Murray Rothbard
http://arstechnica.com/tech-policy/2015/07/time-warner-cable-placed-163-robocalls-about-unpaid-bill-to-wrong-person/
Here time Warner ignored a woman's repeated attempts to get them to stop robo-calling her.
So she hired a lawyer and sued. They continued to call her even after she began her law suit. They lost the lawsuit, paying more than $200,000.
Most likely it won't go to court. Your goal is simply to scare them into doing their job correctly.
excitingthingstodo.blogspot.com
It's a good idea to contact the credit reporting agencies and place a security freeze on your accounts. That prevents anyone from taking out loans etc using your personal information. You can temporarily lift the freeze for a particular company if you need to allow a credit check for your own purposes.
"He took a duck in the face at 250 knots." -- William Gibson, Pattern Recognition
I run into the same thing with my Yahoo address. It's not a very common name... but there's somebody who thinks (or, at one time, thought) that it was his email address. I've gotten emails from his daughter complaining about the kids at school bugging her, Olan Mills appointment confirmations, saxophone enthusiast newsletters, Gamestop emails saying how many points he's earned buying stuff from them. The last one I got was a Fedex delivery confirmation for somewhere over a thousand miles from me; I printed out the confirmations and sent them to him snail-mail, telling him he had the wrong address. I never heard back from him on that (hey, he does have an email address for me) but the misdirected emails seem to have stopped, too.
I'd have thought telling the daughter she was emailing the wrong address would have done it, but nothing she sent acknowledged that... either she's very young and didn't understand, or maybe someone was running some kind of sting against this other guy.
So... yeah, probably just misdirected, but keeping track of your credit reports, and informing the cable company, would be a good idea.
Just document your communications with the cable company, especially their security department. Always get a case / incident number from them in addition to the names of everyone who you talk to. Figure out what the legal rules are recording telephone conversations in your state and theirs and make recordings of your calls. Even if you do not have to notify them that you are recording (assuming you both are in "one party consent" states), do so anyway.
If you want to go the extra step, write up a summary letter after you contact them and include all of the information and let them know that you are retaining a copy for your files. Make sure to date it. Mail it to them and request a delivery receipt to keep in your files.
If it happens again, do the same thing again but include some additional verbiage about it being the second time that you have dealt with this with them. Explain that you are not doing business with them, do not ever intend to do business with them, and will not be held liable for the cost of any services that they provision with your wife's information. Keep a copy for your files and forget about it.
If a collection agency ever contacts you,
1. Send them a copy of your file and let them hash it out.
2. Hope and pray that they continue to pressure you for payment
3. ???
4. Sue them for fraud, plus attorney fees. (PROFIT)
I had a case a bit like this recently.
I started getting mails from a cellphone company (the one I actually use myself) which had nothing to do with me. Then I started getting bills emailed. The bills had the cellphone number and a postal address, I looked it up and rang their land line. It turned out I knew the person involved - he has the same name as me and works for the same company so we sometimes get each others mails at work. He had made a mistake when he supplied an email address. It took a couple of months to fix it. I would get an email and forward it to his address, he would complain to the cellphone company, I would complain to the cellphone company. Eventually he sent me a mail saying they had managed to send a bill to him rather than me.
Mielipiteet omiani - Opinions personal, facts suspect.
You need to do this at least once a year anyway:
Ask each of the three credit bureaus for your free credit report. You usually fill out a set of forms and they'll e-mail you a report. For each credit report:
Send the cable co a letter, certified, return receipt required, explaining things with dates of calls. Ask them to acknowledge that your wife does not live in their service area, state that you and your wife own no property in this area, and that you will not honor any billing unless that changes.
Asking them to prevent your wife's email from being used is probably pointless. But notifying them that this is happening, in writing, and warning them you will not pay a bogus bill is a start.
Don't threaten legal action. Just as you don't warn a bully you're going to punch them in the mouth, if they do bully you buy them hard. No other warning but this letter..
Doing ask me about my first checking account, at the same bank as my sister had one. Our SSNs are one digit different... I can't wait to see what happens when I apply for benefits...
deleting the extra space after periods so i can stay relevant, yeah.
use a 30 alphanumeric chars WPA2-AES PSK
Way to instantly defeat your password reset. You'd rather want to do something like EAP-TLS instead.
CLI paste? paste.pr0.tips!
A situation came up where I had to prove to an agency I wasn't who they thought I was and to stop sending me money (or be satisfied and keep it coming). While it had been proved it wasn't identify theft at a branch office, I was told to call the Police and report it, then send in an possible identify theft form.
I looked up the law, then contacted the Police I just wanted to go on record as a possible identify theft, as there are two routes taken when reported as real. Both affect ones credit rating in some respect, the first for three months, the other a year (your being locked out of any transactions to see if any pop up, till it's cleared).
While the Police report wasn't a necessary requirement to be included with the form, it was reported to cover myself, ie: going through the proper steps.
Of course your County, State, and Country will have different laws, best to look them up.
You do not have a contract with them and they are taking up your time.
Sue them.
Find a lawyer that will do it on commission and let them send the company a letter.
That will make them straighten their act.
My name isn't very common, but there is a retired medical professional in California who shares it. I occasionally get e-mail on my gmail account directed at him: I have watched him retire, visit resorts and get his fancy car serviced. I once printed out some correspondence directed at him and sent it to his home address using the US Postal Service, but nothing changed. Sometimes I reply to the e-mail explaining that I am a computer programmer in New Hampshire, not a medical professional in California, and once I got a very polite response thanking me for pointing out the problem. Usually, though, I get no response.
do you have written permission to use the identity? Oh, you don't know that it's illegal to use the identity w/o written permission, do you? Learn why you need a written permission to use the identity at losethename.com
How about closing the account in your wife's name and then opening a new account in your name?
My email provider forced me to use a minimum of 8 "characters" and at least 1 number as a password.
So as my password I chose: "Snow White and the 7 dwarves"
in standard .@gmail.com format
All been fine for years - and then recently I've had:
1) Info from a Ford dealer in the US, discussing servicing, receipts for servicing etc. (In US, I'm in UK)
2) Gym membership that hasn't been paid in the UK - right up until collection agency was mailing me
3) Mobile phone bill in UK (but few hundred miles away), that's been purchased, and seems to pay each month.
4) Random US woman, who thinks I'm her newly married husband and told me "she loves me" (Googled, they did get married, but her husband hasn't my name).
Also been a few legitimate newsletters coming in, I've simply never subscribed to. Either google has some massive internal screw-up, or the world has become a shit-load more fat-fingered recently.
Can data protection laws be used to stop the emails? If this happened in the UK, an argument could be made that they're actively breaching legislation by providing subscriber information to non-authorised users. I assume there's an equivalent to the Information Commissioner's Office which can be contacted.
My policy is to never respond to emails that I receive if they are intended for other people. Here's why.
Back in 1998 I received an email intended for an attorney at a personal injury law firm. The firm's domain name is very similar to mine, the only difference was that they have a hyphen in their domain name and I don't. Being a good guy, I replied to the sender saying he had the wrong email address. That was a serious mistake.
I was accused by their office manager of hacking their emails. I told her that I don't control who sends email to my domain. She said I shouldn't open email not addressed to me, and the firm reported me to the US Attorney for their location for violating attorney/client privacy. Back then, the name, address and phone number of domain owners were always public so it was easy to discover my details.
The US Attorney passed the information to the FBI and I received a visit from two agents who were polite but computer clueless and somewhat concerned about what had happened. As I said, this was 1998 and the whole concept of malware and hacking was somewhat new and esoteric. I explained to the agents in detail what had happened, showed them my email setup and explained how email works. They thanked me and left saying they would be in touch. I haven't heard a word from either of them or anyone else about the complaint since.
However, this experience did change my attitude to incorrectly addressed email. I've received several emails for this law firm since then and I ignored them. These days a complaint of this nature would be ignored but why take the chance.
There is an artist in Vermont, a real estate person in Texas, and a guy in Britain who all routinely give my email address thinking it's their own.
It happens constantly. I've stopped being nice.
For the guy in Vermont, he signed up for voicemail. So I password-recovered his account, got his phone number, and gave him a call. Bastard got upset at me thinking it was a scam. Later... I got a request for a caricature for the police chief. So I drew one, MS paint style and sent a $300 invoice.
For the guy in Texas, I got some poor schmo's mortgage app sent to me from another real estate agent. I mean, full financial details. I replied letting them know they were probably breaking the law by sending it to me. I still get shit.
The guy in Britain has signed up for:
1. Online bill pay for his gas bill
2. Multiple online betting websites
3. A "find a naughty-housewife" website
I've password-recovered and closed all those accounts.
Seems like it should have taken two minutes.
See the "TO:" line on this email? That's like the address on an envelope. See how it has my email address? It's addressed to ME, so it was delivered to my computer, which is like a mailbox. It's like accusing me of opening someone else's mail, when someone put MY name and MY address on the envelope. If you meant to send a letter to John Smith at 123 Dumbass Lane and instead wrote John Smith at 321 Dumbass Lane, and another John Smith lived there, how is it his fault?
Gamingmuseum.com: Give your 3D accelerator a rest.
It's not "the only way" at all. If she can login to schedule service disconnect, she could login and simply change the email address to 'foo@example.com'.
She then no longer gets mistaken emails, but with the advantage of not being a total dick to the poor sod who made an honest mistake with their email address.
Verify the headers to make sure the mail came from the cable company. If you can verify the sending IP address. I get all sorts of email directed at me from supposedly cable, credit, banks etc. The sending IP is some dynamic att or time warner address. Your wife's email is no secret really. Every person that your wife has sent email to or is in their contact address book is a possible leak of her email to spammers. I see it all the time.
An "honest mistake" is very different from willful ignorance and vitriol though. The literal University professor in question continues to give out my wife's email address. Calling the power company and telling them that they have the wrong person does not work. Logging in to the web page to change your email address does not work (it gets changed back). Contacting the husband, loan officer, and texting said University professor does not work. Telling her university students to PLEASE TELL YOUR TEACHER she is giving out the wrong email address, the correct one is ........ does not work either. The only thing that works is directly punishing her for signing up for things with the incorrect email address.
The magic word is "CPNI breach".
Send a certified letter to the cable company's address's legal department (where process can be served), and inform them that a CPNI breach, reportable to the government, has occurred involving an account in your name, demand that the cable company reports this CPNI breach as required to the FCC.
Send a copy of the letter to the FCC.
Believe me, after 1 or 2 of those, that cable company is going to take a whole different interest in this matter.
I have a fairly generic email address at a certain domain. Occasionally, I receive messages obviously intended for someone else. My solution is to really screw with the sender. One time, someone used my address as their login for etsy. I'm sure they were really sad when I canceled their order.
Back in the 90s, with my name being Stuart McSomethingOrOther and the CFO of the company I worked at being Stewart McSomethingElse our company email addresses were StuartMcG@companyName and StewartMcG@companyName. Guess who regularly received the most interesting and juicy financial details about the company from the Lawyers ? Sadly Stewart didn't find the occasional mis-directed discussion on software devt anywhere near as interesting.
The parent post deserves to be modded +5 insightful. What is fundamentally killing our economy right now is simply that malicious incompetence is given a free pass. It seems like most the world doesn't realize its possible for incompetent people to pretend, purposefully, to be either more or less incompetent than they actually are, to suit their own ends. In both cases, this type of behavior at the very least should disqualify them from claiming they can do said tasks effectively, even if they actually could do so by trying harder. Almost universally though I see cases where obviously malicious laziness and incompetence is given a free pass because apparently the one thing we, as Americans are too polite to do is fire someone for lying about their own qualifications.
I know you're saying this sarcastically, but he's not wrong. Don't use your phone to pay your bills. Really. Especially if its an Android or any other type of "smartphone" that runs "apps."
In fact, I'd recommend that you don't even use your phone to check your email unless its an email account with completely separate authentication and hosting that you use only for that phone, and never use as a contact address for any accounts anywhere else.
Chances are pretty good you won't have to pay them $100. Hell, I know a lawyer that would write a letter for free - on the contingency that should they ignore the letter, then I would hire him to go further.
excitingthingstodo.blogspot.com
If it was a lawyer, you might want to report them to the relevant regulatory agency - or even tell him to sue them; he might as well get something out of the mess. But you did good to warn off the 20 yo...
1. Change her email password to another long, complex, random one. It doesn't hurt to change it regularly anyway.
2. When it continues to happen in future keep a detailed call log against the cable company: date and time; what number you called; what phone tree options you chose; the name of who you spoke to - often multiple people per call, don't be afraid to ask them to spell their name out if you can't understand it, some companies have operator numbers so ask about that as well; a summary of what was said; and finally, ***ask for a case number***. At least if anything bad happens in future you'll have an immediate log you can drag out against the cable company rather than having to rely on memory.
3. If anything bad does happen in future, approach local current affairs/papers with your log in hand and get them on to the cable company for being dicktards.
"Hello. Thank you for calling . This call may be recorded for quality assurance."
..."
"Funny, I was about to say the same thing. Now that we're on equal footing
Bark less. Wag more.
After all they made you the offer...
A young woman used one of my email addresses to sign up for a dating site, and I was getting her dating message replies. Apparently, she was doing all of her messaging via the web site, and didn't notice to lack of email. Having no way to communicate with her, I surfed to the site, clicked "forgot my password", logged in, and closed the account. If it's not a critical service like phone/water/power, I wouldn't quibble over doing to same for other circumstances. Cable isn't a critical service.
send a registered letter, return receipt to their legal department, putting them on notice of the situation and telling them that if they allow this to continue in the future, your letter is evidence that they have fair legal notice for the problem and that you will be holding them strictly liable for any damages
Exactly. Even now, 2015, the vast majority of computer users are clueless. Since the nail that sticks up is the nail that gets hammered, I just hunker down. When (if) the majority of computer users clues in, I may change my policy. Until then, I keep quite. FWIW, if it was something truly urgent that really did require me to notify someone of an incorrect email address, I'd have my lawyer do the notification.
linquendum tondere
Sounds more like a phishing attack, to trick you into disclosing your password or other personal details.
A lawsuit is going to require alot more than just an email address, particularly if the company that accepted it did nothing to make sure the email address was actually one belonging to the person services were extended to before extending services.
Same thing with the credit reporting agencies.
If they ever do come after you, then have a field day filing a countersuit. Refer to the fair credit reporting act for the protections it offers.
And it may simply be someone typed in the wrong email address.
To give an example - this year, I started receiving emails from Comcast about a new install being setup. It was being sent to my email, but the name was that of someone else (same first initial). The email address is a gmail one, so pretty easy mistake to make.
Now I initially suspected that this was some kind of phising crap. The links looked legit though. Ironically enough, I actually work for Comcast, so I was able to pull up the new account based on details provided in the email to figure out it was actually legit, and was able to clear it up and get my email off the account.
So there's the old adage, never attribute to malice what can be covered by stupidity.
That being said - I sincerely suggest you put a credit freeze on your accounts with all three major bureaus. I've had it for years. They make it easy to lift the freeze, either permanently, or for a specified time period, in case you need the info to go through (credit application, job check, rental check, etc). It's an easy and sane way to help protect yourself from identity theft (there may be some cost involved, depending on what state you're in, but it's fairly small)
Her email address is not a common one so we do not believe that it is someone accidentally using it;
Well I would hope that her address isn't common--it had better be unique! In any case, I agree with those saying that it's probably someone typo-ing their email address. If you really think that the cable company has her email address in their system, initiate your own password reset. The password reset confirmation email will go to her email box, and you can log into the account from there and see what's going on.
Exactly. The response to the FBI should've been to invite them to ask the law firm why _they_ were violating attorney/client privilege by sending sensitive information to a third party.
That's a perfect way to stop someone from using your email address on your behalf.
Being forced to give a title to my comments is retarded. Thank you slashdot.
Implying WPA2-AES is crackable without bruteforcing (either the password or via WPS)? What the hell are you talking about?
The first time you let an Android user authenticate with your AP, your PSK (or the passphrase anyway) is conveniently backed up on Google's servers, unless they have done a depth-first traversal through their settings menu and realized they don't want that setting to be enabled, which it is, by default.
Come to think of it, the other day, there was a story here on /. about Microsoft taking it one step further. It shouldn't be all too hard to find.
CLI paste? paste.pr0.tips!
I like your paranoia. But then again the slippery slope would quickly bring us to distrust non-libre software. And i agree. My "solution" above wanted to deal with the "identity theft by a non-governmental adversary" scenario.
I don't really think it is paranoia when these features are known to exist and be enabled by default, which can be easily verified.
My "solution" above wanted to deal with the "identity theft by a non-governmental adversary" scenario.
Okay, and I pointed out that you might as well do it right while you're at it
CLI paste? paste.pr0.tips!
I get these wrong person emails all the time, netflix, facebook, flight booking, etc. Some *are* phishing, some are legit. Most places i have to give out email addresses (like retail stores, utility companies, etc), i'm not the one TYPING the email address. Usually an agent or sales clerk does. I've seen plenty of mistakes made by them (same applies to friends). They simply didn't listen carefully enough, or entered in their phone wrong, or can't read their own handwriting, or simply fat finger when typing. These are much more likely scenarios than someone deliberately handing out someone else's email address (i'm sure they exist too).
As a good rule of thumb, anything said over the telephone just disappears into the ether. (Your Honor, we have a policy of keeping good records and we have no record of the plaintiff's alleged phone call to us, so the alleged phone call didn't happen.) Write the cable company using plain ole snail mail, return receipt requested. Be sure to send the letter in an envelope that is big enough for the green postal return receipt to be fastened to the FRONT of the envelope, else the return receipt is likely to be overlooked when delivered. Keep a copy of your letter to the cable company and the signed postal receipt (its hard to say that your letter was never received if an employee's signature is on the green postal receipt).
Set up a folder. Keep your WRITTEN evidence. You might be in a lawsuit with the cable company some day.
I know it probably didn't seem so at the time, but your patience and help probably directed those FBI agents into learning more and being able to understand such explanations from less knowledgeable people in future. You are a valuable citizen and you should actually be proud of it.