Originally posted by Bazz
A bit OT but I received an email from FC this morning promoting Miles plus Money fares - nothing unusual about that you might say but it had a little red box on the right with my FC number, Tier and Mileage in it, never had that before?
Yep, and in unencrypted email. I despair of people's naivety of how they trust companies with their personal information.
You all heard about that guy who had his BA EC details compromised, all from a discarded boarding stub with his EC number on it?
This sort of thing really makes me uncomfortable.
Plus there's the whole thing that this message doesn't come from anything @virgin-atlantic.com, but from some other domain (e-rm.co.uk) which seems to belong an eCRM outsourcing outfit ("E-RELATIONSHIP MARKETING LIMITED"), and contains click-throughs to websites (e-srv.net) operated by the same company - but with a different domain registrant address.
Ever heard of
phishing?
I know that it's easy to forge the domain in a "From:" line, but how about digitally signing the mail in some way, and only providing verifiable links to content on
http://www.virgin-atlantic.com?
VS online marketing desperately need to get some security clue on their team, especially now we're putting APIS-based information into the website.
I personally won't click any of the links in those newsletters.
Interestingly, LX don't put the whole FF number on the boarding stub, all but the last 3 digits are XXXX-ed out, like a Credit Card number is.
Cheers,
Mike
- and there are reasons that I don't want it.
