Based on the number of emails I get because other people think my email address is their email address, I too can't understand how people can be so stupid.
This is the worst kind of spam. There is someone who enters my email for all his electronic receipts. I am not sure if he's purposefully enter a "fake" email or mistyping his own. But either way, it doesn't get classified as spam. There is also no way to "unsubscribe".
I now know the guy drives a Mitsubishi which he regularly services and also shops at Target and Kmart - mainly purchasing BBQ equipment.
speaking of using others' numbers, I use 867-5309* for the shopper-loyalty-card number at every retailer that asks for one (in exchange for discounts). I think that dozens of others must use this number as well, as the supermarket receipt sometimes shows totals of $10,000-20,000 per week for "my" account.
*For those born after the 1980s, the song "Jenny (867-5309)" was a hit for the band Tommy TuTone and received significant airplay. It was a catchy tune, and the phone number was the chorus. As such, it's an easy number to remember.
Gives me a self-organizing-system chuckle every time.
(Carpet/flooring company. The last four numbers are L-U-N-A, which they still use in a different number.)
I finally figured out the reason for one person who's been using my email address for all kinds of things for years: his is easy to mistake for mine when being given over the phone. We have the same gmail address except that mine is first.j.lastname@ and his is first.jay.lastname@.
So now everyone with that lastname uses this email address. I get party invitations, venmos, confidential hospital forms, tax returns, you name it.
Pretty impressive given that it launched in 2004.
> and used firstname.lastname@example.org. There was someone who signed up as email@example.com
That's not possible. Gmail won't let you sign up for an already in use email and they strip the dots before they check.
The latest is Paypal who WON'T DO ANYTHING ABOUT IT! (sorry, needed to have a dig at Paypal's awful support there).
This person has tried to sign up for at least 6 things over the last year only to find that the registration confirmation emails never reach her.
Some lawyer with an amazingly active life, and is learning to be a pilot, and other things I've forgotten has the same not too common name as me, and has firstname.lastname@example.org as his email address.
While at first cute, the number of times I've had to deal with other law firms who have sent me some incredibly sensitive document and then demanded I sign a document somehow proving I never read, nor will keep, the document they sent me by mistake is getting old.
Or my favorite, when a plane leasing company sent me some very large bill, and when I tried to explain the confusion, they claimed it was my responsibility to find the right person, or pay the bill.
People amaze me.
(And it's super petty of me, but this lawyer's family sends invites to family events to me now. The first few times I responded trying to fix the situation. Then I tried going radio silent to these, but they got more and more incessant on a response, so now I just respond that I'm not interested in attending.)
Edit: having sensitive information sent to a personal gmail account is also a problem in itself and is probably directly and unambiguously prohibited by the firm. You should really let them know
Tell them: no problem, but first you have to pay the fee and send them an invoice for some large but not completely crazy amount. :)
Just show up to the party?
But then get someone with your name that gets a support tech at your email host that's willing to reset the password for them, even worse bypassing any security they have, and then you're going to have a bad, bad day.
And with so many services potentially tied to your email address, this can amount to identity theft. Maybe the caller and the admin circumventing security for them should be getting some legal trouble for this.
What was most impressive was when I called Amazon to complain that someone opened an AWS account using my email addy fraudulently. They did several things to try to prove that I was the one lying (sent a confirmation email that I never clicked, sent a verification email which I was able to read back over the phone), and even confirmed from logs that the offending party bypassed the e-mail signup verification process by using a phone number rather than email address.
They made some vague promise that they would open an investigation and close it if they deemed it fraudulent. They never did. My guess is that they are siding with random-fraudster-with-Indian-IP because he's the one that will (potentially) pay them money.
All the company has is an email address and a bunch of other incorrect information.
Second time it happened, I somehow managed to get someone at Netflix to look into it. I haven't had the problem since.
Called the pizza place and it took them quite some time to understand what could have gone wrong. I had, after all, logged in, and was still logged in. We had a good laugh when we figured it out. Sales rep called the guy up, but I don't think he cancelled the pizza. So free pizza, I guess.
Back in the days of pheasant-under-glass mainframes, I had a part time student job as an operator in the computation center. We had a phone at the operator console, and 90% of the legitimate calls came from the operator console at the computation center at the other state university on the other side of the state. Our phone number happenned to be the same, but for the middle two digits reversed, of the most popular pizza place in a college town. The vast majority of the calls were to place a pizza order, not someone looking for the on-duty mainframe operator.
Our standard practice was to answer the phone “wrong number” — because it usually was. Anyone with a legit reason to call us knew the drill. Pizza orderers, especially the half-drunk ones, were our amusment on an lonely night shift of hanging tapes.
what do you mean by "think" ? I understand that mishaps can happen when numbers are canceled and moved to another person, but the old number is still registered in certain places, but why would someone want someone's else number ?
When my friend linked her CVS account to her mobile phone, CVS sells each interaction to various parties. There's a whole business where certain debt collectors will buy almost aged out debt for $0.01 on the dollar, "make contact with the debtor" and once that happens, they can resell the debt for $0.05 on the dollar.
All of the sudden she started getting messages that she won cars, etc. All attempting to establish contact.
Because companies buy and mix data from different sources, it's easy for companies to inject bad data, as they assume that certain types of data are highly reliable.
My real name is extremely common, and each time I've been assigned a new phone number, I get calls for months (sometimes years) from private investigators, collection agencies, etc., looking for someone else who shares my name.
Another possibility is that people deliberately used the number knowing that it was fake (or knowing that it belonged to someone else). Why? I can't imagine many reasons:
- distrust of this weird new Social Security program that was started just 3 years earlier, so they gave this fake number to avoid participating in this fraud or scam
- distrust of the federal government, esp. since the U.S. was still in The Great Depression and some people felt that Roosevelt was turning the U.S. into a socialist state, hence use of a fake number to avoid creating a socialist state
- people who had restarted their lives under a new identity (which was easy to do in an era where jobs paid cash and nobody needed real ID) -- to escape a spouse, the police, a criminal past -- would not want to get an SSN under their original name
- people living in the U.S. illegally were being asked by their employers for their SSNs, so they found this handy number to use
- people who were eligible for a genuine SSN but hadn't bothered to get one were being asked by their employers, so they gave the fake one
I also occasionally get for others, yesterday for example I got one for a guy in Lubbock notifying me he's off the wait list to be a Dash driver.
I get bank emails, airbnb confirmations, sports team info, paystubs, return to work from counseling info, airline confirmations, the Vermont guy's Wired credentials one time and tons of his photo assignments over the years, personal emails, someone's Apple account, ride sharing password resets...
Looking at the pictures, there is no name or picture on the fake card. The card looks exactly the same as a normal one. The only difference is the word 'specimen', which doesn't even cover the whole card and to me does not convey the meaning 'fake, don't use'.
1970s in USA were a drastically different time than today. Information warfare did not really exist in a meaningful sense for the common person in terms of threats that they would have to consider realistically. Information was even hard to come by for the average person in the country back then.
Even ignoring those facts, if you're comparing that to email addresses being known or used today, I think that is also a very uninformed view of the world. The vast majority of the country even today does not understand what information about them is considered confidential, and what is not. I personally see this even among engineers from what are considered top schools today.
This is not a matter of intelligence. It is a matter of being informed. I don't believe that anyone is inherently stupid for being misinformed, especially in an age where information is used for warfare.
In the last 5 years, I can recall situations where entering my email address led to:
- At least three instances where a multiple people abandoned a new job onboarding due to use of my email address. (In Scotland, Texas and Ireland)
- One instance where someone was leaking sensitive PII and video regarding a workplace incident that killed someone.
- Multiple dressing room / bedroom "how do i look" emails.
- One person sent an email every quarter with a zip file containing a VPN client and a word document with a list of about a dozen username, passwords, etc for the industrial facility that she was a plant safety manager.
- One guy test drives luxury cars in the Washington DC region as a hobby.
- An attorney sent a bunch of litigation related materials to his client. And a bunch of followups to get signatures as deadlines were missed.
- One guy was a big Ashley Madison user
- Lots of real estate agents in weird disjointed conversations.
This stuff has nothing to do with information warfare. Just simple mistakes compounded by complete inattention to detail and often combined with incredibly stupid or irresponsible behavior.
It's amazing how sloppy people can be with email addresses.
We can all laugh right up until we sign up for a site built by someone who doesn't know credit card companies offer test numbers or doesn't understand the value of hashing passwords.
Fun fact - if you sign up with an email address and password and then someone later uses Door Dash with the android authentication on their phone they can log in to the same account without needing credentials. That was a fun email to write to support.
> If your email address is [First initial]+[Last name]@gmail.com you gradually get to know lots of older people who have the same name pattern. [...] it looks like there must be at least 750,000 people in the US alone who think 'Sure, that's probably my email address' on a regular basis.
I've had a college professor give my email to all her students. I've had numerous job acceptance letters go to me. And so on so on.
Some of these I know well, and even reply "No, your professor's email is actually X. But actually you may want to correct number 3 before your send it to her..."
As one of the first subscribers to a new ISP, that was set to be the most popular one in my country, I was able to get an email address with my nick. I couldn't anticipate what was coming my way. It was possible to explain most people their mistakes, not the guy sending me underskirt porn. Except it was scottish underskirt porn. It was too embarrassing to write a complaint.
Now with my current gmail address I had a problem with a bunch of... individuals that use a reply-to-all mail list. Forced to mask everything as spam.
(For example, if my phone number in 1995 was 123-456-7890, then I provide the fake number 123-555-7890.)
I even get door PIN codes for various gyms, etc. Ugh.
As a Canadian, the number of Republican/right wing mailing lists I get signed up to is astounding.
Can someone explain why this would be “clever?” It just sounds like a bad idea to me.
For GP, actually yes, people did think it would be used as a credential to establish identity, and many feared (correctly, as it turns out) that would happen. The phrase used by those people was "Papers, please!" with a German accent, since it was well known by the mid-40s that identity papers were used by the Nazis to control the population. Later variations by people my age was to use a Russian accent since the Bolsheviks also used papers to control the population.
My uncle and aunt never had SSNs for that reason (and no, never paid into or collected social security either.)
I have a friend who is now in his late 50s who has never given his SSN to anyone except the IRS and his employer -- which is actually the law, or at least used to be, perhaps it has changed.
Rather than assume older people are less privacy conscious, the correct assumption is that younger people are less inclined to protect their privacy. Many millennials don't even believe in privacy. I blame it on the generally poor education in history that most younger people have received.
Aomebody linked a CGP Grey video above that goes into details.
The way I read it is:
* 219-09-9999 is a made-up number that was never issued to anyone.
* The woman thought it was her number for unexplained reasons.
* She used the pamphlet as evidence that it was her number.
I must be missing something important. Is it a joke, with the punchline being that she thought the pamphlet was her social security card? If so, how was this the fault of the Board? Was it her SSN somehow? If so, how did the pamphlet prove it?
Looks right to me. She received a document from the Social Security Board with a made up SSN on it, and thought it was hers.
It's not a joke, just an example of how people can get confused by real-looking fake numbers.
This can be said to be the fault of the board in the sense that after dealing with the 1938 incident they could have learned that this is confusing to some people, and for example printed 219-09-XXXX instead.
I too had a hyper literal moment on this too, so I'm glad you asked. My conclusion is that the joke just isn't that funny or well written (everyone's a critic!:))
What does that even mean? There will definitely be a bureaucracy with offices that administers it, which will be functionally a "DMV".
To compound the problem, state Departments of Motor Vehicles have somehow become the arbiters of identity along with the SSN, when neither thing should have done so and very little verification takes place when a DMV issues an ID card. Any true national ID can't be administered at the state level- they might provide the manpower to hand out IDs, but the regulations and centralization should happen at the federal level.
I can go to a DMV with a paper birth certificate that isn't mine (and might not be real) and SSN card that isn't mine, and get a driver's license or state ID if I can't pass the driving test. I can take the birth certificate, SSN card, and new fraudulent driver's license, and get a passport from the post office. That passport, with my picture, is considered "proof" that I am someone else entirely, and I got it without actually proving who I am, because at some point we decided that the SSN card you got as a baby is good enough proof, along with a driver's license (that usually hinges on having an SSN). The crazy part is that you don't even need to be a citizen to pull this off, just know where someone was born and their SSN, put a little effort into making a realistic looking birth certificate, and you can get ironclad proof of citizenship that lets you stay in the USA forever, vote in elections, travel abroad and get assistance from the American embassies, and enjoy all the benefits of being a citizen.
>SN misuse will stop once the USA has a secure national ID that is free and easy to get (don’t have to go to a DMV).
It looked like that nebulous "no DMV" was a core criterion. I recommend you would flesh out ambiguous criteria like that more as you did in the follow-up.
It’s perfectly acceptable to ask for clarification on something, but it’s rude to attack me, doubly so in this case because it’s from you misinterpreting something and not me insulting you first.
I’m done with this thread, unless you care to bring the discussion back on topic.
The only three things I know of that SSNs are really used for (which are currently accepted uses and not DBAs being lazy) are tax ID numbers (which are more or less their intended use), Social Security itself, and the "credit reporting agencies." which are horribly irresponsible. The way they currently use them was originally illegal.
A lot of people would feel respected and it would be the most benign religious integration into our culture, aside from the names of the days of the week
I’m sure that this sentiment isn’t exclusive to programmers, but applies to anyone who has to consider how the general population will handle their product.
If you consider the “general population” to be idiots, you:
a. Don’t know how intelligence measurement works. (Hint: they cant all be idiots. Maybe it’s you.)
b. Are still an amateur who will hopefully someday mature into a professional who works with the circumstances at hand rather than complaining that conditions aren’t right for the world to appreciate your genius.
I don't think it was meant to "the user is using it wrong!" but instead make you (as the creator of something) think that the user will for sure try to use it in ways you didn't intend it to.
I'm confused by this statement. The card appears to be the same size as a real card in the picture of her holding up the two cards, and for the purposes of showing people that the card would fit in a wallet, it'd have to be regular-card-size.
Whenever someone asks me for my SSN without having a legal need for it, I give them Richard Nixon's instead. I know first hand that I'm not nearly the only one.
Cash transactions over $10,000
Applications for certain federal benefits, including Medicare and Medicaid
Interactions with the Department of Motor Vehicles
Social Security business
You also need to supply either your SSN or a taxpayer ID number to companies that are required to report about you to the IRS.
Under all other circumstances, there is no legal requirement to provide your SSN.