Online Forums Need to Think it Through

How Spammers Wag The Dog By Exploiting Telus’ New Online Community, the Neighbourhood

Imagine you were a spammer looking for your next mark. Would you want to use the same tired old email lists or would you instead prefer to reach fresh new audiences without even having to use your own list?

Enter Telus Neighbourhood forums, apparently the phone company’s latest idea about building an online community no one asked for! I thought that was my job.

But the Telus Neighbourhood isn’t anything like the Agora. It unintentionally enables spammers to reach their targets before Telus customers even have accounts on the platform.

You read that right. It enables spammers to reach your inbox without knowing who they’re messaging. To get your ‘message’ you need to not only access their site, but actually set yourself up as a user. This is of course tracked, so if you’re on a phishing expedition, you’ve arrived.

Here’s what I received this morning:

Private you say? I do not think that word means what you think it means.

Upon clicking the (hidden) link to read the spammer’s message, it was clear that I do not actually have an account on this platform. At least not one I have access to. But Telus has a plan to instantly convert me:

What? No account? Why not register for one now and get all the spam you can eat!

To their credit, an unsubscribe link is included in the email. However, it hints that my account will continue to exist in the Neighbourhood. That means it will be inaccessible to you but may continue to accumulate spam on your behalf, for the foreseeable future.

This snafu is probably unintentional on the part of a company I personally think is one of the better ones. As Robert De Niro said in Wag the Dog: “They just didn’t think it through”.

Privacy protection? Just don’t screw the pooch.

--

--

--

Fīat jūstitia, ruat cælum. Personal musings on data protection fails, snafus & oddities, collected & edited by Claudiu Popa; author, educator, booknerd.

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

Blockchain not to blame

{UPDATE} Flick Basketball Hoops Win Hack Free Resources Generator

AlphaEx: Update on the suspension of Trading, Deposits, Withdrawals.

AI + Security

The true meaning of the Internet strangled

The rationale behind password policies.

What Google’s GDPR Compliance Efforts Mean for Your Data: Two Urgent Actions

Important Notice about AirDrop and Bounty

Important Notice on $PROT Token AirDrop and Bounty

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Bad Privacy

Bad Privacy

Fīat jūstitia, ruat cælum. Personal musings on data protection fails, snafus & oddities, collected & edited by Claudiu Popa; author, educator, booknerd.

More from Medium

Windows 11 22593 Brings New Features for Beta & Dev Channels

Fill the Frame

Digiguys Apps Wise Camera Wise Photos Fill the Frame Artistic Composition Rule

Blaseball HoF week 12

Video Premiere — ‘Know My Name’ by Michelle Malone