Stories
Slash Boxes
Comments

SoylentNews is people

SoylentNews is powered by your submissions, so send in your scoop. Only 18 submissions in the queue.

Ask SN: Best Way to Report a Major Security Problem at a Cellular Carrier?

posted by janrinok on Sunday July 19 2015, @07:58AM   Printer-friendly
from the good-luck-with-that dept.

An Anonymous Coward writes:

I tried to return an item to a nearby carrier-owned store, but they couldn't find my information. They never gave me a printed receipt and couldn't look it up with my phone number or name.

Now here's where it gets fishy: the clerk wanted to log into my e-mail account with the store's computer! When I told him I didn't have a web mail like GMail, etc, he asked another guy, who also said I should just log into it from there and find it.

I'm pretty sure I was giving deer-in-headlights looks while I was there. Flabbergasted is probably the word. Considering their "POS" system is based on Windows and has regular problems, this just seems tailor-made for keylogging, social engineering, or worse. I probably won't use my credit card there again.

So my question: how do I report this? Just calling customer care obviously won't cut it. I have a very hard time believing this is SOP, and that this is probably just this store--and where there's one, there are probably more.

Original Submission

 
This discussion has been archived. No new comments can be posted.
Ask SN: Best Way to Report a Major Security Problem at a Cellular Carrier? | Log In/Create an Account | Top | 24 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: 0) by Anonymous Coward on Sunday July 19 2015, @09:16AM

    by Anonymous Coward on Sunday July 19 2015, @09:16AM (#210993)

    Everyone who goes deer-in-headlights will be like you and say "no way", and everyone who hasn't got that competence will also lack it at home, without adblock/hosts/firewall/etc and with crapware. Maybe the problem is avoided when it matters?

    Or you can hope for the best for the future, call head office, patch through to legal or to high tier customer service, and tell them for liability reasons to update their playbook, to inform customers without support onhand that they'll have to return with it.

  • (Score: 0) by Anonymous Coward on Sunday July 19 2015, @01:46PM

    by Anonymous Coward on Sunday July 19 2015, @01:46PM (#211049)

    tell them for liability reasons

    This, talk to them in terms that mean something to them. "Liability", "Cost", "Exposure", "Bad Press" all all words that may resonate with these corporate drones.
    Things like "bad practice" or "one unhappy customer" mean nothing. "Cost", "Liability" means a lot more.

    Also, "your call is very important to us"

    • (Score: 0) by Anonymous Coward on Sunday July 19 2015, @06:01PM

      by Anonymous Coward on Sunday July 19 2015, @06:01PM (#211138)

      Adblock? Jesus christ it's hopeless.

      The illusion of security is not the same thing as security.

      • (Score: 0) by Anonymous Coward on Monday July 20 2015, @09:51AM

        by Anonymous Coward on Monday July 20 2015, @09:51AM (#211354)

        It's an illusion to reduce entry vectors with adblock, noscript, requestpolicy?