Security by Stupidity
Airtel sent me this email today, with subject "Your Airtel Bill for Account XXXXXXXX, For the Period 26/03/2009 to 26/04/2009, Airtel Number 080XXXXXXXX"
Dear Customer,Please find attached your Airtel Bill for,
Airtel Number: 080XXXXXXXX
Account Number: XXXXXXXX
Bill Number: XXXXXXXX
Bill Period:26/03/2009 to 26/04/2009Please save it for your future reference. You need Acrobat Reader installed on your computer to view this bill.
Further down the email, I see this.
--------------------------------------------------------------------------------------------------------Your Airtel e-bill is protected by a unique password, please enter your account number as password to open your e-bill. Password remains the same for every e- bill sent month on month.
--------------------------------------------------------------------------------------------------------
Who are they trying to fool? What is the point in password protecting the bill, when the password is provided in the email? How does one deal with such morons?
0 TrackBacks
Listed below are links to blogs that reference this entry: Security by Stupidity.
TrackBack URL for this entry: http://balajin.net/cgi-bin/MT-5.03-en/mt-tb.cgi/342
Where's the password (acct no) provided in the email? I thought the account number digits are mostly masked out with 'X's!
The account number is present in the subject as well as the body of the email. I replaced the actual numbers with 'X's in this post.
-balaji
This has changed now. Now you have to send something like ebill to 121 from the phone in question to get the password.
_
Rishi