Here it is, late in 2010 and for the first time I may actually have been the victim of identity theft. May because the jury is still out on this one.
I received an email from ITunes this morning thanking me for an order I’d placed. The order consisted of something called SleepUp! (5X Deep Sleep) and WeDict Pro. The total was $11.86, including tax. This was charged to my credit card kept on file with Apple. Helpfully, ITunes provides a handy feature entitled ‘Those who bought your selections also bought’, which lists three items: 4000 (then a bunch of Kanji characters) by Jeff Tang, ZingMp3 – Nghe nhac zing mp3 mien phi tren IPhone/IPod Touch by BUGUN Software and Cliffed XL by IUGO Mobil entertainment Inc. I’m quite certain that had I actually made the purchase of the two things I was billed for there would have at least been a passing interest in viewing the other selections.
Except, of course, that I had made no such purchase, nor had I authorized anyone else to use my ITunes account or credit card.
This immediately cause a bit of concern. I have never accessed my ITunes account from anywhere but home, and I’ve got the usual firewall and security software.
I clicked on the useful link http://www.apple.com/support/itunes/store/ because it said that there were answers to frequently asked questions. Well, it seems that fraud must not be a frequent enough question. There are no answers guiding you on that page for such a circumstance except the fine print offering you the ability to shop the Apple Online Store. You see, not actually having made the purchases, I wasn’t even sure if the were music, books, plants, animals or minerals. So I dutifully called the store and was told by the not-so-helpful person on the other line that I should go to http://expresslane.apple.com and would have the ability to either have an online chat or handle the issue by email.
But first I called the credit card issuer to make sure that they knew this was an unauthorized purchase. They issued an immediate credit but then told me it may still appear on my next statement. Huh? Anyway, we seem to have gotten that resolved so at least the charge could be disputed if it does show up.
So back to Apple. Remember the ability to have an online chat? Uh, no. No such beast. So I ended up sending an email, hoping that someone would see it in my lifetime.
Well, they did. Reasonably fast, too. There was an email from them tonight (Satya was the service rep) apologizing for the inconvenience. Satya said all the right things, and I was starting to get a warm, fuzzy feeling that all was right with the world. Except of course for the scum who purchased something on my account in the first place.
Satya said that within 3 to 5 business days a refund for this purchase would be credited to my account. But the next line caused the hairs on the back of my neck to rise:
“Please note that this is a one-time exception to our sales policy”.
What? Does that mean if someone hacked into THEIR system and gained access to my account, Apple would be so kind as to give me credit for the first non-authorized purchase? So by definition I guess that you can go in, get into my account and what the heck, make Ol’ Rick pay for it all.
This is not an open invitation.
So I just sent them an email thanking them, but asking for some clarification on this one-time exception. Hopefully this is just lost in translation. But I’ll let you know how seriously Apple takes their security obligations.
No comments:
Post a Comment