[DougWebb]

It's not just posting photos that can cause this kind of trouble. I get a lot of email intended for other Doug Webbs sent to my gmail account, with variations on the presence/location of periods, or CC'd with another gmail account that's the same but with numbers on the end. For a while I was getting boarding passes from a major airline for a Doug that was frequently flying up and down the US west coast. Those emails gave me the confirmation number, and a link directly to the page that would let me make changes to the reservation, with no security barrier at all.

Granted, this most likely was caused by that other Doug providing my email address to the airline, but the airline is at fault too for assuming that access to a given email address is proof of identity. That's a very common mistake, often made intentionally to provide a more "user-friendly" experience. Had I been malicious, I could have caused that other Doug a lot of un-friendly grief.

I was not able to see any contact information on the reservation, and I didn't have full access to his account. (I don't know if a "Forgot Password" request would have given me that, though it probably would have.) I contacted the airline customer support to tell them they had the wrong email address on the reservation and they should contact their customer through some other means if they could. I think I got a form-letter thank you and never heard from them again, but I did get a few more boarding passes for a while.

I also get a lot of online shopping order/shipment confirmations, and plenty of personal correspondence. I try to tell the senders to fix their address books, and when I get a CC with the real address I contact the other Dougs too, but most of the time there's no response. I've had to set up a filter that puts all email with TO addresses that aren't the one I use into an "Other Dougs" folder, which I treat like spam.

[jsymolon]

(my data point ...)

I get mail from a bank for someone who misspelled their email but their name is very close to mine.

I called the bank, reported that I was getting their email and they tried to sell me their identity theft service. ( Give us your SSN to check to see if you ... )

American Express didn't care that one of their subscribers personal information wasn't getting to their customer, but wanted to sell me service.

[DougWebb]

Ha... I just checked my Other Dougs folder. On Aug 4, I got an email from myidentityassist.com saying that "I" reported a case of identity theft, and that "my" Royal Bank of Canada credit card has been blocked from further use. Then on Aug 5 I got an email confirming an order from a Pizza Hut in Kingston ON, Canada, using the same variation on my email address.

This is one of my repeat-offenders. I see a lot of email out of Kingston with this same variation on my email address, and I've tried many times to reply and get people to tell him he's using the wrong email address, but to no avail. This has been going on for years.

[uiri]

Have you tried calling him up? http://www.canada411.ca/search/?stype=si&what=Doug+Webb&wher...

[DougWebb]

Wow, an official, functional, online phonebook with addresses? I didn't know those still existed. Crazy Canadians. Thanks, I may give that a try.

[ProblemFactory]

> a link directly to the page that would let me make changes to the reservation, with no security barrier at all.

This is most likely intentional.

Most business travel gets booked by assistants / travel agencies / client reps / etc. They are going to use their own account when booking tickets, and then forward reservations or boarding passes to the actual passenger. That passenger then wants to for example reschedule in a hurry when a meeting overruns, or change seats or meal choice without having to explain their seating preferences over the phone (is 25C still available? No? Then get 27A).

Security wise it would be better to have some sort of delegated permissions system, where the travel agent can add email addresses who are allowed to access the booking, you then have to create an account with the airline and prove that you own that email... but I don't see the airlines pissing off their most profitable customer segment with extra hassle to add protection against misforwarded emails.

[flashman]

My Gmail account was one of the first created. Here's a quick list of emails I've received intended for other people:

- Thailand holiday itineraries and airline tickets

- A PayPal money request for $1800

- Congratulations from someone's godfather that I am now able to play the opening riff of AC/DC's "Hells Bells"

- South African real estate quotes

- A bar mitzvah invitation

- A reply to a Thanksgiving invitation sent by someone else

- Inquiries about racehorse sponsorship

- South African Taser training course booking confirmation

- British Heart Foundation cycling team invitations from a BBC reporter

- Complaints from an Ebay purchaser that I'd sent them a Nutribullet with a broken blade

- Confirmation that my NJCAA hardship application had been granted

- Pictures of 5th graders riding trail bikes in Eagle Lake, Maine

- Solicitations from the Greater Palm Harbor Area Chamber of Commerce to run a stall at the 13th Annual Palm Harbor Parrot Head Party

- Sports tipping results

- House painting estimates

I'd be living a much more exciting life if all of these had been intended for me.

[_asummers]

You should decide to do some of these one day! Show up to a bar mitvah with gifts and stuff and when people ask who you are, you just show them the invitation. "I dunno man, they told me it was a party, so I showed up... Mazel tov!"

[Natanael_L]

I have the same thing with the email address for this nickname. A few people are occasionally using the version without a dot.

Whenever somebody register on any website using it, I use the recovery options from the emails they send me to disassociate my email address from their accounts (I never ever keep access to those accounts).

For direct / personal emails (usually in Spanish) or anything else with some customer support involved I just send a short reply in English stating that they've got the wrong person and email. Then I usually spam flag everything not English (I'm only a little sorry for doing that).

There was this one day recently when somebody kept re-registering on this one site about a dozen times, and I kept resetting the password because they used my email every time. I have to guess that they eventually figured out their mistake, because it stopped. I hope...

[bitexploder]

Let's talk about common first and last name @ Gmail.... It is ridiculous. Oh the things I have seen. I have gotten multiple financial account resets over the years.... Retirement account statements with resets..... Loan info...

[mod]

I have a guy doing this to me. I have firstname.lastname@gmail.com

He lives in Texas and teaches a sport. I got a reminder that he had to visit the doctor a while back. I replied and got a real human and asked her to tell him he was giving the wrong email. I don't think it happened, something new showed up later.

I had never considered doing anything to mess up something he had done (like canceling his appointment) to get his attention.

Overall it's not that big of a hassle. It peeves me a bit, but I guess I'll let it continue.

[pishpash]

I get this all the time and initially have been nicely replying/forwarding, but after a while you have to figure they don't care, so it's either spam or account take over. After all, "I" own the identity, and "I" want my email back.

[csours]

Yup, I get emails about Cassidy's kids, Conrad's car purchase, Clyde's Lion's Club meetings, etc.