Links in emails should be treated with suspicion - so webpages should be findable from My GiffGaff
By: snozboz | 16-07-2018 00:33
All webpages mentioned in emails should be findable from the GiffGaff homepage or "My GiffGaff" and shouldn't depend on customers clicking on links in emails.
Members (and potential members) will stop being trained (by the existing system) to click on links in emails - when spammers, scammers, and fraudsters want you to do this automatically without questioning. Members will become trained to treat links in emails with the appropriate amount of suspicion, which will help their security and privacy, as well as the security of GiffGaff.
Members will be able to find anything they need through the website - and know they can trust webpages they have found from the starting point of the GiffGaff homepage or "My GiffGaff".
Members will navigate through the GiffGaff website, and will learn where to find information for themselves - improving their ability to "self-help".
GiffGaff will be encouraged to update their website and organise it effectively to make it easy for members to find what they are looking for.
It would be better for members and GiffGaff agents trying to help us if all GiffGaff webpages and information were easier to index, find, and navigate.
One straightforward way of achieving my idea, and still retain the ability for GiffGaff to track clicks on links in communications (so they can see who is clicking on what and when), would be for each email sent to be a duplicate of a post on the website - an "archive" of all GiffGaff communications to you as a member. However the version of the email on the website would have (trackable) links directly to the relevant pages, while the email sent to members wouldn't have links but would point members to the website-viewable version of the email (e.g. "Go to GiffGaff.com and login to My GiffGaff - then click on the link to view your recent emails from us")
At the moment, there's nothing stopping a scammer from mocking up an email that looks like it is from GiffGaff, sending it out to millions of people, and watching as some of them click on links in that email that opens a webpage (again mocked up to look like GiffGaff, with an https:// SSL certificate and padlock icon) that asks for username, password, address, credit card information etc etc. and the scammer then receiving this information and doing whatever with it. And because GiffGaff themselves sends such emails with links to webpages that ask for this information, members would have to really think and struggle to find out about how to tell the difference between a legitimate email and a scam. But if GiffGaff took the initiative and never asked someone to click on a link in an email, but instead asked us to visit the website to find the further information and input forms, we would all benefit.
See this forum thread: https://community.giffgaff.com/t5/Contribute/Link... for the discussion and my initial post on this idea.