OK, I’ve heard stories before about people having their email addresses added to unsavory mailing lists by pranking friends or malicious enemies, but what about the times when someone is apparently unintentionally using your email address for their legitimate purposes? Such is the odd frustration I’ve been dealing with lately.
I’ve had a Gmail account with a username in the format of email@example.com ever since Gmail was invite-only. (Remember those days?) It’s worked great for me, though eventually I’ve semi-retired it for email in favor of using Fastmail and an email address based on my personal domain. For the past six months, though, I’ve been getting a string of non-spam emails that appear to be intended for somebody else.
It started out innocuously enough, with a subscription to a mailing list of Cobb County, Georgia first responders. I requested an unsubscribe, and a real person wrote me back, a little confused why I was asking to be removed. I explained and was eventually removed from the list.
But then I started getting other emails. Over the past 6 months or so I’ve gotten the following:
- Royal Caribbean cruise itineraries and payment receipts
- Hudl.com notifications
- Follow-up emails from car dealers saying “thanks for test driving, let’s talk!”
- Survey requests
Then on Monday came the one that made me think about this a little more seriously: an email from LifeLock with the salutation “Dear LifeLock Wallet User:”.
Now, I’m just deleting these emails, but there’s nothing that would prevent me, were I malicious, from going to the websites in question, using the email address (which, remember, is my email address) and the Lost Password routine to set up a new password, and I’d have access to that person’s account.
Which is one level of bad if it’s your hudl.com account (which appears to be some sort of sports training website), but an entirely different level of bad if it’s your credit monitoring service.
What I really don’t understand is how this person continues to make this mistake, when s/he clearly isn’t getting the emails in question. (I have Google 2-factor authentication active on my account, and I track my Google logins closely, so I’m ruling out the thought that this person could be actually getting to those email messages.) If it were you, wouldn’t you start questioning why you weren’t receiving emails, and then eventually correct your mistake?
If this were, say, work email intended for another Chris Hubbs at my employer (such a person used to exist!), it’d be easy enough to look up that person, forward the email to their correct address, and let them know to clarify things with their contacts. But in this case I’ve got very little idea who the right recipient is!
Basically all I can do is say this: if you’re Chris Hubbard from Atlanta, you should be aware that firstname.lastname@example.org belongs to a guy in Iowa who would be happy to not keep getting your email. Or if you’re gonna keep sending it to me, at least have the decency to send me the cruise tickets and not just the receipts.