That’s the claim of findmypast.co.uk, one of a number of websites designed to help those interested in the subject of genealogy with the task of investigating their family tree. They seem to think it is perfectly acceptable to send out a marketing email – very specifically, advertising new, lower subscription rates – and claim that it isn’t a marketing email, it’s a “service update”, an email that it is necessary to send out to their membership (and from which said members can’t unsubscribe).
Back in January, I wrote about an issue I had with Very, a Shop Direct Ltd trading arm. Specifically, they had started sending me marketing emails to an address I supplied when I made a purchase from LX Direct (which no longer exists, and also belonged to Shop Direct Ltd) – my policy when purchasing online is to use unique addresses (so I can monitor when companies abuse those addresses) and to opt not to receive marketing emails either from the companies concerned or any third parties. That clearly means those emails from Very were indefensible. They were spam – it’s as simple as that.
Over the course of the last few days I’ve discovered what appears to be – or possibly to have been – a fairly notable potential security hole in the Amazon UK website (and possibly others, but I only use the UK site on a regular basis). I will go into detail below about the nature of the security hole and how I discovered it – but first I want to point out that I’ve been trying to cause the problem to manifest itself again today, and failing. This might mean that the problem – which appears to have been triggered on my own Amazon account in August 2010 – has already been fixed. It might also mean, however, that I simply haven’t been able to establish all the variables that caused it to happen.
In other words, the problem I am about to describe might already be fixed, or it might not. I have no way of knowing one way or the other.
I was planning to wait before publishing this, but I’ve decided to proceed because I am somewhat less than happy with Amazon’s response to my emails on the subject – details at the very end of this post. Continue reading »
Jan 132011
When do spam and credit checks go hand in hand? Easy: When the spam is from an otherwise legitimate mail order company, and their unsubscribe link takes you through an account sign up process before you can actually unsubscribe – an account sign up process which includes a credit check because, after all, by signing up you are applying for a credit account with them.
The company concerned is Very, a catalogue company which is a Shop Direct Ltd brand along with Littlewoods and a few others. Recently, I started receiving marketing emails from Very which, as far as I am concerned, are unsolicited, making them unequivocally spam. Being a fairly well known, legitimate company, though, I decided to give them the benefit of the doubt and tried unsubscribing by following the link in their emails. However, I discovered that in order to do so it is necessary to apply for an account with them, for which a credit check is required.
A more detailed outline of events, including a brief history that shows how they got my email address, follows.
