Stupid Patterns

So, some random person had subscribed to Tata Sky (television set-top box channels subscription in India) with my mobile number. He wouldn&#x27;t pay his dues on time, and Tata sky would call me every month multiple times. Their customer service would take down my request to change the number, but they never changed it.<p>I was able to track down his actual phone number and on Facebook. Messaged him and explained to him. He wouldn&#x27;t act. He said he intentionally gave a random number since he didn&#x27;t want to be bothered by their phone calls and asked me to &quot;deal with it&quot;.<p>Finding no other option, I used Tata sky IVRS service calling from my mobile number(linked to his account) to subscribe to a bunch of expensive channels, totalling the monthly subscription fee to 10x of what his usual fee was.<p>He reached out to me requesting that he be allowed to take control of his account, as he is unable to change the phone number linked to the account, without an OTP (one time password) received on the existing number (which was my number).<p>Did take some sweet revenge by not responding to his request for a while, but eventually gave him the OTP after a week.

This is nothing.<p>I have a very common name and a very common surname and people have used my email (name.surname at gmail.com plus the infamous GMail variants such as namesurname or NameSurname) for purposes like accounts on dating sites, Spotify, Instagram etc.; invoices; banks and insurances; resumes and job applications; medical test results; newsletters and all kinds of personal communications.<p>&quot;I&quot; am a local politician, a Swiss or Italian banker, a boyfriend deserting some girl in Argentina, a rugby player, a professor or two; &quot;I&quot; buy screws, magic tricks, diving suits; I know several of &quot;my&quot; birth dates and addresses and I have easily identified a couple of correspondents.<p>In most cases there is no practical way to verify email addresses, particularly if the person is really convinced that their email is the wrong one or that some approximation is allowed, and without actual payment collections coming your way little harm is done.<p>I sometimes complain to web sites with inexcusable confirmation-less registrations or reclaim accounts on services I might want to use, but for the most part I just let incorrect emails accumulate to play the passive game of collating them and consolidating identities (e.g. is the person who follows cooking courses in a certain big city the same who received from a friend bus timetables for that city?).

A very stupid pattern I&#x27;ve come across recently is Best Buy sending me an email with the subject &quot;Password reset didn&#x27;t work&quot; and a body of:<p>&gt; You may need to create an account.<p>&gt; We received a request to reset your password on BestBuy.com.<p>&gt; However, we don&#x27;t have an account associated with this email address. You can try to sign in with a different email address.<p>&gt; You can also create a new account using any email you choose.<p>&gt; Happy Shopping!<p>My guess is that it&#x27;s a bad actor doing something like password stuffing to try see if my email address has an account there that they can try compromise. It&#x27;s also possible someone thinks my email address is their email address, I doubt it though because in the 16 years I&#x27;ve had the Gmail address I&#x27;ve never received an email intended for someone else.<p>Regardless, I&#x27;ve never lived in a country in which Best Buy operates, but some &quot;genius&quot; at Best Buy thought it would be a brilliant idea to email people who they know don&#x27;t have an account with them, because <i>there is no way anyone would ever try reset a password for an account on an email address which they don&#x27;t actually have access to</i>.<p>After getting these annoying emails a few times I landed up making a Gmail rule to always report them as spam, then delete them.

I have a very short gmail email address which I’ve noticed intersects with several common names. I had not idea how rampant this issue is. I get a woman’s Victoria Secret orders and address, school progress reports for a child that is not mine, worship team updates for a Mormon church, a Snapchat account, vet updates, German emails I don’t even know how to read, and many more unusual emails for people who aren’t me. What’s worse is for group emails (e.g worship emails) I try to reply all and inform them of the mistake and only get more emails for the wrong person.

It not just emails where this happens. Some idiot has been giving out my work mobile number as his own. I got a call from his aunt to wish him happy birthday (she was incredulous when I explained that no, this isn&#x27;t X&#x27;s phone, and I don&#x27;t know x). I get random texts from I assume his friends, and calls from collection agencies.

For the past year, every weekday at noon I receive an onslaught on calls for people trying to reach Humana. These are usually elderly people that report that my phone number came up on their caller ID. I have had my number for 20 years. I tried to Google my number to see if something popped up on Humana’s site but nothing. I don’t have an explanation or resolution for this behavior so I just prepare to ignore all calls starting at noon for the next hour.

Yup, had that problem with an airline. To avoid spam, I was using the + modifier — &lt;normal-address&gt;+&lt;airline-name&gt;@gmail.com — the booking form accepted it, the ticket-sending system and the account login system, didn’t.

&gt; I never received any further emails because the user probably never recharged his internet subscription.<p>&gt; This wasn’t even a spam email!<p>I disagree, if it&#x27;s not intended for you, then it&#x27;s spam. Marking these emails as spam might affect the company&#x27;s delivery rates and get them to actually fix the broken process that allowed this to happen.

The Stupid Pattern I encounter most is getting e-mail about some account, with a link in it to some completely-other domain that looks most like a phishing site.<p>Often these e-mails are not actual phishing attempts, they are just things made by absolutely phenomenally clueless hacks.<p>So there is this company that does e-mail list services called mailchimp. Apparently, by default all e-mail from their customers comes with links to a site something like &quot;mandrill.com&quot;.<p><i>If mailchimp is that clueless about security, do you really want to let them manage your password login setups?</i><p>There is a stock-market accounts company, Carta, that uses mailchimp.<p><i>Do you really want your stock market holdings managed by a company clueless enough to let someone as clueless as mailchimp to manage their password login setup?</i>

Just a random thought: can it be that a part of &#x27;darshit&#x27; (the poo part, I mean) triggers some code to remove bad language, does something unknown, and then your real e-mail address gets linked to the first known account the respective system can find? Maybe all the different websites use the same authentication method from another third party, so it can happen on seemingly unrelated sites.

This has started happening to me also. Someone in my area of the country who has my same name accidentally put my email address on their registrations.<p>These companies aren&#x27;t verifying that the email was entered correctly.<p>So I continue to get notices about what this person is doing even though I&#x27;ve reached out to the companies and this person to try to notify them of the error.

does this describe the various companies that phone me<p>and then ask me to prove my identity to them?

I too have a &#x27;common&#x27; email with my first name at common email provider.<p>The most surprising offenders I&#x27;ve gotten were discord and spotify! Both of which were easy enough to resolve (I just requested the accounts be deleted, and then re-created for my own use).

I have a very common name, and was lucky(?) enough to have gotten a gmail account with it back in the days you had to have an invite from a Google employee to get a gmail account.<p>I get misdirected emails like this at least multiple times a week.

&gt; “No company provides the email verification service”<p>Sounds like a really nice startup idea.

Not sure GDPR is related to typos or deliberate misdirection by users - though I feel your frustration.<p>By any chance does the numeric component of your e-mail alias form a shape on the 10-key pad?