Email Security Links
I’m not an expert on computer security, I’m a regular project manager, so there will be no analysis of what happened in this article, and it’s unlikely that the text below will pull on the article, but I would like to share what happened with the public and hear the opinion of experts if they consider what happened normal?
So, I receive a letter in the mail in which Microsoft invites me to a webinar on the use of 1C on the Azure platform. I have many friends of the same class and I decided to share the link to register with one of them.
What was my surprise when he wrote to me today that after following the link he sees all my personal data, such as full name, e-mail and phone number.
There will be no conclusions, just tell a story that is happening right now. We are engaged in e-mail newsletters to our customers of the online store and at the bottom of the letter, in accordance with the rules, we have a link by which you can unsubscribe from the newsletters. However, the link leads to your personal account and if the user does not remember his password, this causes him indignation (which, by the way, is quite logical). It was decided to redo the unsubscribe mechanism from the newsletters to the correct one - I clicked on the button, the client opened a browser with the text "You are unsubscribed from all mailings." However, the development manager expressed concern - by sending his letter to his friend, this friend will be able to unsubscribe the original recipient of the letter from the mailings, which is not very correct from the point of view of security. Agreed on
I repeat, there will be no conclusions, I just want to hear the opinion of experts about how correctly what happened and maybe it’s to myself that I’m an evil Pinocchio that I distribute the links that came in the letter for me personally?
So, I receive a letter in the mail in which Microsoft invites me to a webinar on the use of 1C on the Azure platform. I have many friends of the same class and I decided to share the link to register with one of them.
What was my surprise when he wrote to me today that after following the link he sees all my personal data, such as full name, e-mail and phone number.
There will be no conclusions, just tell a story that is happening right now. We are engaged in e-mail newsletters to our customers of the online store and at the bottom of the letter, in accordance with the rules, we have a link by which you can unsubscribe from the newsletters. However, the link leads to your personal account and if the user does not remember his password, this causes him indignation (which, by the way, is quite logical). It was decided to redo the unsubscribe mechanism from the newsletters to the correct one - I clicked on the button, the client opened a browser with the text "You are unsubscribed from all mailings." However, the development manager expressed concern - by sending his letter to his friend, this friend will be able to unsubscribe the original recipient of the letter from the mailings, which is not very correct from the point of view of security. Agreed on
I repeat, there will be no conclusions, I just want to hear the opinion of experts about how correctly what happened and maybe it’s to myself that I’m an evil Pinocchio that I distribute the links that came in the letter for me personally?