Why do people do this?
I have a junk domain, one I use for signing up for stuff, and which works. It usually has the name of the place I used the email address in the address. E.g. youtube@example.com for signing in to YouTube, though obviously example.com is just an example and not my domain.
Some idiot keeps signing up for instagram and using my domain.
This is annoying. But also it is pointless, as I am now simply using the "forgotten password" on instagram to set a strong password, change the profile pic to something rude, set default date of birth, change the name to "Idiot using my domain", confirm the email address, and turn off all email notifications.
It is rather odd of instagram, by the way, that they see my login as "suspicious" (presumably as from a different country even) so they send a 6 digit security code for me to enter. What is odd is they send that by email, to the same email address they just sent the password link. What is the point in that?
So the idiot does not get to use the instagram account at all.
What is weird is that not only do they try and login to it (which just makes instagram send me a "you are having trouble" password reset link), but they have even tried the "forgotten password" link that emails *ME* a reset password link. Why do that?
At one point they tried to change the email address on an account - not sure how they did that - maybe it is one I had not set a new password on yet - but I was emailed and given the option to revert that change and confirm my email address. So I did. They were trying a Russian email address.
If his keeps happening, I'll make a small shell script to automatically zap the login the second they create it!
By why do it? Why use someone else's email address on such things? What is the point?
Subscribe to:
Post Comments (Atom)
Playing with microphones
The latest LED board designs have included a TDK PDM I2S microphone - the idea was to make sound reactive LED strips. It is tiny (3.5mm x 2...
-
Broadband services are a wonderful innovation of our time, using multiple frequency bands (hence the name) to carry signals over wires (us...
-
For many years I used a small stand-alone air-conditioning unit in my study (the box room in the house) and I even had a hole in the wall fo...
-
It seems there is something of a standard test string for anti virus ( wikipedia has more on this). The idea is that systems that look fo...
I have a similar problem with my gmail account - drives me up the wall.
ReplyDeleteIt's actually an eye-opener the number of organisations that will just use an email address that gives full online access to make account changes without first verifying that email address.
Ditto on my Gmail and my domain I use for the same purpose.
DeleteI had a car dealer in the states email me a quote after I had been into see them (I hadn't, someone had used my email address) so I replied back and asked them to tell whoever it was to stop being a dick when they went back in to complete the purchase.
Don't know if they did or not but it's nice to think they might have.
I imagine the person who gave the fake email might have been giving it so that they could politely escape from a high-pressure sales situation. Like when someone in a nightclub gives to a pushy sleazebag the number for the chinese takeaway, just to get rid of them.
DeleteApologies to the Penguin who legitimately owns fake@fake.fk...
ReplyDeleteCan you imagine how poor bob@bob.com must feel!
DeleteServes him right for that s**t he pulled at Microsoft a few years back
DeleteThe same thing happens to me and I too change the password and details and lock out the account, effectively taking over somebody else's account because they used an email address that I own. Question for Neil - is doing this breaking any laws?
ReplyDeleteTempting, but iffy. Even though you technically have the ability to do it, I'd be inclined just to block the emails and leave their account alone, really.
DeleteIf it's not breaking laws then it's not iffy. If it is breaking laws then iffy is irrelevant. You're just repeating the question really. Which is why I'd like to see what Neil thinks.
DeleteIffy, I'd have thought, in that one would be knowingly (rather than mistakenly, I assume) accessing an account and data that does not belong to them. Just because someone might have the technical means to do it, it doesn't mean they're allowed to. As you say, it would be good to understand the legal position here.
DeleteHad this happen to me, but it was a gumtree.co.za signup, I get email with a link to verify email. Obviously I'm not gonna click that. I alert gumtree.co.za about what's happened.
ReplyDeleteI tried contacting instagram, and no reply.
DeletePossibly no surprise there... can you imagine the amount of junk signups they must get
DeleteI think this might, to some extent, be symptomatic of some people feeling that some companies ask for far too much information as a condition of providing their service.
ReplyDeleteObviously when signing up for something like Instagram, one would expect to NEED to provide a valid email address for account recovery purposes and suchlike. So people that provide a random email instead probably don't understand the signup process. Then again, if they're doing it from a smartphone, maybe they feel that a phone number should be sufficient. Anyway...
Often it's the case that companies have forms that require you to put in an email address even though you don't want to be contacted by email. For instance, in order to access news articles on some websites I have to create an account and provide an email address. I invariably use a throwaway email service for that. Why? Because they don't need my real email and I don't want to get spammed. Likewise, with "Live Help" services I usually use an email address such as fdjsklfdsjkl@fdsjlfdskljf.com. Or, if they do validation, something like bob@hotmail.com.
It's a bit like when you phone a call centre to enquire about something and they want to take all your details before they'll start speaking with you. For instance, you call about a Satellite TV offer and have a few simple questions but they first want to know your name, surname, email and everything else about you before they'll even consider helping you. Sometimes when I call a company they want to know my surname even though I'm making a generic enquiry like "What's the postcode I need to use when mailing an application form to you". I tell them they can call me whatever they want. Nonetheless, they INSIST that I give them my surname. So I say Smith or whatever. Something quick and easy for them to type so we can get that pointless step out the way asap.
Some companies really do insist on collecting too much unnecessary information, hence what they end up getting is garbage!
You'll enjoy reading the similar sagas on the Diary of Broken Emails: https://diaryofbrokenemails.wordpress.com
ReplyDelete