Skip Tags

Popular Tags

Decorative icon

The Resource Center Online Security Issues & Protection The Resource Center | article

How Customer Service Can Compromise Data

The price we may pay for instant access to customer service is less data security.Good customer service can be the difference between a business that you tolerate and one that you love. Consumers appreciate the ability to easily reach a helpful customer service representative when they have a problem with their purchase. It builds loyalty and increases the chance that they will return to do business.

In recent years, businesses, especially those that are primarily based online, have made big investments in their web-based customer service systems. Many offer the ability to chat with representatives through instant messaging services, eliminating the need to pick up the phone.

But convenience can come at a cost. The price we may pay for instant access to customer service is less data security.

Tricking Amazon into giving up your information

When a customer chats with Amazon’s customer service, the company representative will first ask the customer to verify some basic information on his or her account, such as name, address and email. This is supposed to deter imposters from contacting the company under a different name. In practice, however, it provides identity thieves with a surprisingly easy path to identity theft.

A recent article on Fast Company explains what can go wrong. According to the news source, Eric Springer, a former software developer at Amazon, had his account compromised when an imposter convinced an Amazon customer representative to confirm some personal information. The stranger knew Springer’s name, email and a street address associated with him. Using this information to “confirm” his identity to the customer service representative, the stranger was able to obtain Springer’s actual home address, as well as his phone number.

Amazon was none the wiser. In fact, Springer only found out about the incident when the company sent him an email thanking him for his recent inquiry. By the time he received a transcript of the conversation, the thief had used Springer’s information to obtain new copies of his credit card. The thief also made several additional attempts to gain information, despite the fact that Springer had asked Amazon to place a flag on his account. Ultimately, Springer was forced to close his Amazon account and stop using its services.
This scenario could have happened to anyone. The human operators who work in customer service departments are just as capable of making mistakes as anybody else.

Many people have accounts that they use for online purchases — often several. As these can be at risk for similar attacks, it is important for consumers to act proactively to ensure that they can best respond to the efforts of thieves.

If one of your accounts has been broken into in the past and you have concerns about credit fraud and identity theft, invest in an identity theft protection service, which monitor credit, Social Security Numbers and public records and can notify you of certain activity that may indicate fraud. This can help you plug up security weaknesses posed by online retailers you engage with.