Leave a legacy.

Stop the usage of our 'full names and mobile numbers' being used in e-mail correspondence?

By: patman2017 | 15-10-2018 07:45

Hi folks, I have noticed in my emails that I receive from Giffgaff every time I need to renew my 'goody bag top up' I get sent a reminder first, then I get an email to say that it's been renewed. But in my emails from Giffgaff they are not just! enclosing my 'user/log in name' they are also enclosing in the top right hand corner of my e-mails my 'full mobile number'?? Of which I really do not agree with this and I feel it is a serious breach of mines and possibly everyone's privacy!? And it also could leave us vulnerable to scammers and nuisance callers ect especially with all the latest cyber attacks in the news. As my full number definitely should not be shown on my Giffgaff e-mails?.

I have already complained to Giffgaff a few months ago and they haven't done anything about it?. And they just told me I should post it on here. So therefore I would really appreciate it if anyone! else agrees with me? Then could you please help and complain with me to customer services or higher management, as I feel this has been going on for too long and it really needs to be rectified as soon as possible so our personal information and privacy is better protected in future, Many thanks!.


by: revilo10
on: 17-12-2018 18:20

I see your concerns, and maybe there could be another way around the problem I bring here, but from another security point of view, having information that is personally identifiable helps people avoid phishing emails and other types of scams. Scammers are now able to replicate the HTML of websites and emails down to the last detail, so having some sort of identifiable info in an email helps distinguish between a real company and scammers, as scammers tend to use "Hey User" rather than your name.

The best way to protect your privacy is to invest some time and possibly a little bit of money (For software, only if you're willing), in securing your accounts. This means having a good, strong and invidual password for every account you use (Use a password manager such as Dashlane), controlling who has access to your accounts (I recommend not letting ANYONE access your account, but if you must, make their access time limited, and change your password when the access is no longer needed.).

I'm going to stay neutral on this one for now, as I love your idea, but I think there's a few things that need to be clarified first.

by: mrjeeves
on: 25-01-2019 19:12

And this is what I 100% agree with.

by: alancmair
on: 14-12-2018 22:49

I completely agree with you. Not only is it a breach of privacy, it puts your personal details at risk of a serious security breach also. They should probably replace most of your email address and phone number details with asterisks or something like that, as other services do. In that way, there isn't sufficient information for anyone else to do anything with, but there is enough information left visible for you to confirm that they are your details. For example, if your number was 07123456789, then they should only show 07*******89 or something like that.

by: goldengirl
on: 12-12-2018 19:06

Yes. With phones numbers often being used as ID verifiers there is some risk in this.

by: jamie54604
on: 12-12-2018 17:44

I think this is a fantastic contribution to the community. I for one second this and would like the usage of my full Mobile phone number to certainly stop being used. If someone gained access to my emails for example an ex partner. This would grant them instant access.

by: paulg04250
on: 12-12-2018 00:29

The un-written stipulation is that each account name with giffgaf can only be linked to a single phone number; but any particular email address can be used to register multiple accounts; therefore partial obfuscation of the username (perhaps a middle portion thereof) and omitting the number - or partial obfuscation of that - is the only solution.

Your assertions are correct that as it is - this is a security disaster waiting to happen. Emails are notoriously plain text even when the conduits between endpoints are supposed to be encrypted; modern certificate key chains are getting longer than the Bayeux Tapestry. You hear about the fallout from the big incidents like Heartbleed a few years ago (essentially a remote memory dump of the server) - it is common for good secure people to be ruined by other peoples omissions and in our present race to the bottom - pretty much all of us are under a threat most simply do not care to consider.

Google, hotmail, yahoo - all offering unlimited free space. When you click delete even - perhaps the remnants live within the Trash folder at the whim of the provider. That was the point of the GDPR changes right? You guys totally have to fix this. You also need to additionally secure outbound PAC number transfers - but that is another story, less liable to trivial abuse and misuse.

by: blue1212
on: 11-12-2018 23:00


by: lisalew89
on: 23-01-2019 02:32

How do I get my mobile number up

by: starkey93
on: 10-12-2018 20:08

Great idea mate supported

by: suem15
on: 10-12-2018 19:02

Fully support this idea. It is a security matter that should be sorted quickly.

by: o__o
on: 08-12-2018 13:57

Supported, showing the full number and name could cause issues if your email was ever hacked and is a massive safe guarding issue

by: davebrom1980
on: 07-12-2018 22:52

I fully agree why not show the last three didgets of our number?