Slashdot Mirror
Ask Slashdot: Dealing With Ongoing Suspected Identity Theft?
njnnja writes: My wife receives periodic emails (about once every other month) from a cable company that is not in our service area that purport to confirm that she has made changes to her account, such as re-setting her password. Her email address is not a common one so we do not believe that it is someone accidentally using it; rather, we believe that an identity thief is subscribing to cable services intentionally using her name and email address.
Whenever we have gotten an email we have called the cable company, been forwarded to their security department, and we are assured that her social security number is not being used and that they will clear her name and email address out of their system. Yet a few weeks later we get another email. Our concern is that when the cable company goes after my wife for the unpaid balance on the account I am sure that neither they nor a collection agency will care much that it's not her social security number — it's her name and they will demand she pays.
We have a very strong password (long, completely random string of chars, nums, and symbols) and 2-factor authentication on the email account so we are fairly certain that no one is currently hacking into her email (at least, it's not worth it for however many thousands of dollars they can actually steal off this scam), But we think that the cable company should be doing more to not be complicit in an attempted identity theft. We have made it clear that we don't live in the area they cover so we should not have an account, but the fact that they keep setting up an account in her name means that they just don't care. Which is fine; I don't expect a cable company to care that they inconvenience us, but I would like to know if there is any way that we can make them care about it (liability, regulations, etc). I know YANAL but does anyone have any ideas about how to handle this? Thanks. Have a question for Slashdot's readers? Take a look at other recent questions first to see if someone else has had a similar question. And if not, ask away! The more details and context you include, the more likely your question will be selected.
Whenever we have gotten an email we have called the cable company, been forwarded to their security department, and we are assured that her social security number is not being used and that they will clear her name and email address out of their system. Yet a few weeks later we get another email. Our concern is that when the cable company goes after my wife for the unpaid balance on the account I am sure that neither they nor a collection agency will care much that it's not her social security number — it's her name and they will demand she pays.
We have a very strong password (long, completely random string of chars, nums, and symbols) and 2-factor authentication on the email account so we are fairly certain that no one is currently hacking into her email (at least, it's not worth it for however many thousands of dollars they can actually steal off this scam), But we think that the cable company should be doing more to not be complicit in an attempted identity theft. We have made it clear that we don't live in the area they cover so we should not have an account, but the fact that they keep setting up an account in her name means that they just don't care. Which is fine; I don't expect a cable company to care that they inconvenience us, but I would like to know if there is any way that we can make them care about it (liability, regulations, etc). I know YANAL but does anyone have any ideas about how to handle this? Thanks. Have a question for Slashdot's readers? Take a look at other recent questions first to see if someone else has had a similar question. And if not, ask away! The more details and context you include, the more likely your question will be selected.
Is it addressed to her name or her email address? If just the latter, than who cares, add it to the spam filter. Or recover the login information and unsubscribe the person from all their services.
Your hair look like poop, Bob! - Wanker.
That which can be explained by a cable company's incompetence.
Your next stop at this point should be the regulators for the state where the cable company is operating. File a complaint with them. You may also want to file a complaint with your own state's regulators.
Most public utilities, cable, electric, telephone are hypersensitive to complaints filed with the regulators, even if it doesn't show publicly, because it affects the rates they can charge.
Good luck!
Which is easier to believe: That a sophisticated criminal organization is involved in an ongoing plot to usurp your wife's identity and destroy her credit, or that the local cable company is run by a a bunch of half-wits who couldn't figure out how to cancel an account or correct false customer information if their jobs depended on it?
Or, perhaps that Slashdot is a good source for legal advice?
Her email address is not a common one so we do not believe that it is someone accidentally using it; rather, we believe that an identity thief is subscribing to cable services intentionally using her name and email address.
Or someone just happened to use a similar email address and misstyped theirs. Are you actually getting emails regarding unpaid bills for the cable company, or is it just simple account-type stuff like changing passwords? Or charges attempting to be made against any of your credit cards? If you are getting emails once a month, it sounds to me like someone put in the wrong email and when they go to pay it online they change the password because they can't log in. And even if there was an unpaid balance, the first thing they would do is send the bills to the physical address they have on file or to the holder of the card that was used to intially set up service, which is also where any collections would likely start.
Hell, 10 years ago I used to get recordings on my phone that someone had overdue movies at Blockbuster. I didn't immediately assume someone was using my identity to steal movies from them in some criminal enterprise, I just figured they had put in a wrong number.
The only thing necessary for evil to triumph is for it to be pitted against a slightly greater evil
My policy is to never respond to emails that I receive if they are intended for other people. Here's why.
Back in 1998 I received an email intended for an attorney at a personal injury law firm. The firm's domain name is very similar to mine, the only difference was that they have a hyphen in their domain name and I don't. Being a good guy, I replied to the sender saying he had the wrong email address. That was a serious mistake.
I was accused by their office manager of hacking their emails. I told her that I don't control who sends email to my domain. She said I shouldn't open email not addressed to me, and the firm reported me to the US Attorney for their location for violating attorney/client privacy. Back then, the name, address and phone number of domain owners were always public so it was easy to discover my details.
The US Attorney passed the information to the FBI and I received a visit from two agents who were polite but computer clueless and somewhat concerned about what had happened. As I said, this was 1998 and the whole concept of malware and hacking was somewhat new and esoteric. I explained to the agents in detail what had happened, showed them my email setup and explained how email works. They thanked me and left saying they would be in touch. I haven't heard a word from either of them or anyone else about the complaint since.
However, this experience did change my attitude to incorrectly addressed email. I've received several emails for this law firm since then and I ignored them. These days a complaint of this nature would be ignored but why take the chance.