Angeline Malik
Established Member
- Impact
- 32
I joined NP a few days ago and as I indicated in my first post in the meet and greet area, I’m a software developer, my knowledge about domain names is limited. I have a question and I’d be extremely grateful if experienced domainers can help me.
I have a small software company comprising a few developers. We have clients mostly from the USA, UK and Middle East. A year ago, we added a new segment to our business: providing online/ ticket based technical support to the customers of our clients.
A few months ago, one such client outsourced to us a couple of their websites for customer support. Let’s say for understanding purposes one of the sites’ name is tesla.com. When we were given the access to the email accounts and the second we set up MS Outlook, we found loads of emails but not intended for tesla.com, instead for different financial institutions like teslabank.com, teslainsurance.com and many others.
Upon further investigation we discovered that people in the bank and insurance etc promote themselves as tesla and when their customers write to them, many tend to forget to add bank, insurance after tesla and all such unrouted communications are delivered to the default email address of tesla.com, which is, say, support at tesla.com.
The funny thing is that people in the tesla bank and tesla insurance also make such mistakes and their internal emails also make their way to tesla.com’s default email address.
We contacted the owner of the website but s/he was not bothered. S/he said the people in the bank and insurance have been aware of all that for several years and they are least bothered. Whatever you receive for them, treat it like junk and delete it from your PC.
My question is if we, the support team, are involved in anything illegal? These messages which look sensitive in their nature as they carry confidential pieces of information about money, transfer, bank accounts, insurance, individuals and organisations, etc I find it difficult to comprehend that a bank or financial institution will not be bothered after knowing the extent of this kind of breach of security.
What’s the best course of action for us? Should we stop providing customer service to this client? Is it a serious issue or am I being paranoid unnecessarily?
I have a small software company comprising a few developers. We have clients mostly from the USA, UK and Middle East. A year ago, we added a new segment to our business: providing online/ ticket based technical support to the customers of our clients.
A few months ago, one such client outsourced to us a couple of their websites for customer support. Let’s say for understanding purposes one of the sites’ name is tesla.com. When we were given the access to the email accounts and the second we set up MS Outlook, we found loads of emails but not intended for tesla.com, instead for different financial institutions like teslabank.com, teslainsurance.com and many others.
Upon further investigation we discovered that people in the bank and insurance etc promote themselves as tesla and when their customers write to them, many tend to forget to add bank, insurance after tesla and all such unrouted communications are delivered to the default email address of tesla.com, which is, say, support at tesla.com.
The funny thing is that people in the tesla bank and tesla insurance also make such mistakes and their internal emails also make their way to tesla.com’s default email address.
We contacted the owner of the website but s/he was not bothered. S/he said the people in the bank and insurance have been aware of all that for several years and they are least bothered. Whatever you receive for them, treat it like junk and delete it from your PC.
My question is if we, the support team, are involved in anything illegal? These messages which look sensitive in their nature as they carry confidential pieces of information about money, transfer, bank accounts, insurance, individuals and organisations, etc I find it difficult to comprehend that a bank or financial institution will not be bothered after knowing the extent of this kind of breach of security.
What’s the best course of action for us? Should we stop providing customer service to this client? Is it a serious issue or am I being paranoid unnecessarily?