ReachCustomersOnline.com

Connect with low-cost tools and know-how
May 8, 2006 :: Volume 2, Issue 4
Next Issue: May 2007

Who Else is Reading Your E-Mail?

Posted by TimSlavin at March 26, 2005

"Last year, I transferred money from an online brokerage account to a large nationwide investment management firm. The investment firm sent a confirmation e-mail to the online brokerage containing my name, Social Security number, account number, and estimated balance, along with the account numbers necessary to wire the money to the new firm. The firm put me on the CC line so I got a copy of this message. I was completely furious. Repeated complaints to the investment firm went unanswered. When I finally reached someone, the response was "it is our routine practice to send account transfer confirmations via electronic mail" and the company refused to change or even review their information security procedures. Needless to say, I do not wish to do business with a company that is so lax about their data security.

I traced the details of the path that particular e-mail took between the three parties involved. It went through a total of 37 individual pieces of computer equipment. I had control over three, and the investment firm and online brokerage each had control over four or five. That left at least 25 other pieces of equipment, all out on the public Internet, and all controlled by people other than the three parties in the e-mail. There were at least nine other companies owning equipment that this readable message passed through. Any employee of any of those nine companies who had access to any of those network components may have intercepted that e-mail."

A nice if chilling overview about email security written by our IT guy (Rick Dexter, NDynamics) and published in the Almaden Times Weekly, a newspaper in Silicon Valley (California).
URLs:

http://www.almadentimes.com/032405/comp_col.htm

Comments

Post a comment




Remember Me?