Misuse of gmail identity

[Boniface49]

A company called BudgetAir.co.uk have sent 10 emails to me in 24 hours including several airline booking confirmations and etickets. All of these emails were for other people. I have reported this to BudgetAir but they have not not anything about this. Just wondering if anyone else has had similar experiences and if they have any advice on how to deal with this situation?

[n5bb]

Welcome to the EMD Forums!

This is probably an error by the person or service booking the tickets, combined with poor business practices of the booking company. They entered the wrong email address (yours) in their system without proper confirmation. Unfortunately, some services do not use proper security procedures when a client sets up an account with an email address. They should use a process such as:

• A test message is sent to the subscribed email address. This message includes either a link or a security code.
• Within some time limit, the recipient must either click on the link or enter the security code on the signup page.
• This lets the service know that the email address is associated with that individual.

There is little you can do other than replying to the emails stating that the messages are not intended for you, or using any information inside the messages which tells you what to do if the messages are not for you. Be very careful -- spammers sometimes create such messages and hope that recipients will click on their links. Since you didn't create this problem, I think you can just delete them, since the service used such poor business practices.

Similar things have happened to me. I received private messages from a university in another country about new student signup for health services and other personal items. I tried multiple times to point out the error to the university but all of my messages were ignored. I certainly would never use a service or university which doesn't verify the identity of new email signups and then sends them personal messages or items of value.

Bill

[Boniface49]

Thanks Bill - that was very helpful

[janusz]

Quote:

Originally Posted by n5bb

I certainly would never use a service or university which doesn't verify the identity of new email signups and then sends them personal messages or items of value.

A very principled idea, but how do you identify "offending" services before they act in the manner you describe?

[TenFour]

Also, this is a classic phishing technique! Never click on a link in such a message--instead go straight to the website and look up your information or account, etc. Don't click on the email link to respond to the email unless you are certain you know who it is from. I have found that 99+% of the time if I get an email from any sort of vendor that I wasn't expecting an email from it is a phishing attempt.

[paleolith]

Quote:

Originally Posted by TenFour

Also, this is a classic phishing technique!

I agree. Unless you've analyzed the headers and determined that the message actually originated from the servers of the air travel company, it's probably a scam. They expect you to panic and try to "cancel" the charge, revealing personal financial information (like credit card info) in the process. Not a lot different from the one I got a few days ago that looked exactly like an Amazon Shipping Confirmation, for a $1150 order, except that it did not give the item name for even the first item, and the "track your package" link did not go to Amazon or any known shipper.

Edward