We live in a flat. The flat is in a block that is managed by a housing association. We do stuff like pay them management fees. They do stuff like getting the lawns cut and keeping the window frames and hallways decorated in a nice way.
Yesterday, I received an email from them, asking me to send them feedback on a survey form.
Nothing weird or wrong in that, until I took a closer look. The To: header of the email contained a large number of addresses. So many, in fact, that I assume that the list is constituted of the addresses of everyone who lives in a block managed by this same company (of which I believe there are many). There are some interesting ones too, like people who appear to work for banks and major retailers in London, as well as the usual array of hotmail and btinternet accounts.
I was a little bit upset about my email address being shared with this many people, so I sent a polite note to the man who had originally sent it, reminding him to use a mailing list of some kind, or the Bcc: header, to avoid this kind of thing in future.
Today, I received an advertisement for some cosmetics. My spam filter didn’t cut it out. Why would it? The email wasn’t particularly “spammy” in content (not a Nigerian scam, not offensive, no offer of pills to improve my performance). It was addressed directly to me, and carried genuine headers.
Interestingly, the Cc: list corresponded directly with the To: list from yesterday. I spotted the same great and good companies in the list of addresses.
I replied to the lady in question, and copied the man from the housing association. I explained that not only was this a violation of my privacy, but the further use of the information (when clearly the list of addresses was revealed in error) was totally unacceptable.
I hope that some people get a clue as a result of this. I’ll be interested to see whether I get an apology from either of the parties involved. I just hope that some joker doesn’t do a “reply to all”…
I prefer not to reply to spam emails, as I believe that all it does is annoys them and hence they send more email. I put my trust in Spam Assassin and if I want to do something more progressive I tend to file the email with SpamCop (though quite often they seem to have given up reporting certain spam. I get a frequent one from a music company and cannot get off the list. Spamassassin also doesnt think it is spam as it is well written. I might just have to bounce all email from that domain…)
Andy, I see the same kind of behavior at work (mind you we work at the same company ๐ ) where folks will copy everyone in the to: or cc: field, and that must bring out the urge to use the “Reply to All” button. I’m here with you, folks definitely need to be educated on e-mail “best practices”.
Anton: I agree with you entirely, ordinarily I wouldn’t do it, but in this case it wasn’t some anonymous spammer – I could see that someone on the list had deliberately thought to themselves “oooh, good way of marketing”.
Dan: yup… ๐
Incidentally, I have now had apologies from both parties.
Putting the violation to one side, at least the lady (who used the ready-made distribution list) has motivation enough to capitalise on someone else’s error and put it to their own good/bad use ๐
It was a cunning idea, to be sure. In her response, she did that she sent it “by accident”, and didn’t know what a bcc was… but I find it interesting that she left out the man from the housing association, and mailed the rest of us. I’m so cynical…
I’ve seen this a couple of times recently as well. The only conclusion I could come to was that sender of this email didn’t realise that email address could “leak” , as yours did and get used for advertising.
A similar incident happend with the company I order our organic veg from.. They sent a plain text email (using bcc I admit!) asking for the security code to my credit card. Could I email it back to them.
Immediately I phoned them, and ask why they had sent out this email, and how potentially dangerous it was. They hadn’t realised, and more shockingly quite a number of folks had already responded. Oh well!
And you wonder why people fall for phishing scams… It doesn’t help when smaller shops seem to have no problem asking for confidential/private data in a plaintext email with no verification at all.
I think a lot of it does come down to naivete on the part of many computer users. I’m such a techie that when I watch e.g. my mother struggle to perform simple tasks, it just “doesn’t compute”, if you’ll excuse the pun. Security can be a similar issue.
On the other hand, in this case I’m still fairly convinced that it wasn’t a mistake – since I don’t know of software that offers a “reply to all but not the sender” option.
Nice site(s), Matthew, particularly the photography ๐