Monday, February 16, 2009

HSN: Simple Shopping? or Security Hole?

... a quick comment on something that troubles me.

I ordered something on Home Shopping Network (don't ask...) and when the operator was done taking my order she said something that intrigued me.
"Next time, sir, all you have to do to place an order using our automated
system is give your phone number."

Wait, all I have to do is call their phone system, give a phone number and order something? Now, I'm tempted to try and call, and order something for someone else. Who has an HSN account they're willing to try this with? {evil grin}


Anonymous said...

Interesting post..Why should be Who I think, in the last sentence.

Also perhaps they have caller ID on the trunk to catch the real telephone number?

Rafal Los said...

@Anonymous - CallerID can be sp00f3d :) And anyway, they *ask* for the number... and I tried a mini-experiment...
I called up using my mother-in-law's home phone (she's a frequent buyer) and they just took it... apparently not realizing that the account belongs to someone who I obviously was not. At that point I exited the call graciously... I didn't want to get involved in anything shady but... wow.

Anonymous said...

Spoof the callerid.