uID Thieves Hijacking Accounts To Cash In On Bogus Warrantiesr

4 4 4 9

• 
  In a pre-online era, when we made most purchases in person, getting a warranty replacement on a broken product often required taking the defective item back to where you bought it. But now that we’re all buying things online, a number of retailers are willing to ship you a replacement on the understanding that you’ll immediately return the original item. ID thieves are taking advantage of this goodwill, hijacking customers’ accounts and convincing companies to send them free replacements for items they never bought.

  Cybersecurity journalist Brian Krebs recently looked into a spate of warranty fraud attempts involving Fitbit products.

  Toward the end of 2015, large amounts of Fitbit customer data was being posted online — the kind of data you’d need to make a warranty claim on a broken device.

  But this information apparently didn’t come from some sort of data breach at the fitness accessory company. Instead, it was gleaned from various sources — password-stealing malware, careless Fitbit customers who use common passwords or the same email/password combination across multiple accounts.

  Once an ID thief accesses a customer’s account, they can change its associated email address so that the customer isn’t alerted to future communications.

  “[A]t that point they are the customer,” explains Fitbit’s head of security, telling Krebs that the fraudster will then call up Fitbit to file a warranty complaint and get a replacement.

  “They’re mainly interested in the premium devices,” like the $250 Fitbit Surge, he says.

  Since ill-gotten electronics are often sold for significantly less than their retail price, it makes sense that scammers would go after the most expensive items.

  The Fitbit exec says that the company has put new systems in place and re-trained its warranty folks in an effort to end the hemorrhaging.

  “If we see an account that was used in a suspicious way, or a large number of login requests for accounts coming from a small group of Internet addresses, we’ll lock the account and have the customer reconfirm specific information,” he tells Krebs.

  Fitbit says it is planning to beef up protection against ID theft by offering two-factor authentication — which requires that the user not just enter a password, but also a unique code sent to their phone or other device — but the company’s security chief is realistic and doesn’t really expect less-savvy Fitbit users to take advantage of the improved security.

  “I’m not sure the type of user who is using the same password at every site is the great target for that,” he points out.

  
• 
  

ribbi

by Chris Morran via Consumerist

uAmazon Won’t Say If Employee Added Unrequested Dildo To Customer’s Cartr

4 4 4 9

• 
  In the world of customer service, there are usually a few, easily predictable responses from companies that we encounter: either an issue gets resolved to the satisfaction of the customer, whether quickly or with a bit of effort, or it doesn’t. But one Amazon customer found himself in wholly unfamiliar territory after providing negative feedback, when, he claims, an employee of the e-commerce giant put an unrequested 10-inch dildo in his shopping basket.

  Ars Technica UK’s Sebastian Anthony has been in touch with a customer named Pedro, who lives in Ireland. Back in October, he’d ordered a specialized textbook he needed for an art class on Amazon.de, but was disappointed when it arrived to find that although the listing had been for the current edition, he’d received the previous edition.

  After he got in touch with customer service, he was told that Amazon couldn’t find the right version of the textbook and that he should instead return the book for a full refund. He was frustrated at that point, as he’d spent time looking for the right book and then more time waiting for Amazon to locate it in its warehouse, so he provided negative feedback on a customer satisfaction survey. End of story, or so he thought.

  He says that the next time he opened up Amazon.de — surprise! He found a giant dildo in his shopping basket. Because he hadn’t put “The Hulk 10.25-inch Huge Dong Black” to his cart, he immediately suspected an Amazon customer service rep had taken the negative feedback to heart and had retaliated with a sex toy.

  Kind of funny, sure, except that he wasn’t alone when he opened up the page.

  “The problem is, I was at the office, in an open space, with people behind me. A guy and two girls were sitting by me when I opened up Amazon and they saw the contents of my shopping basket,” Pedro told Ars UK’s Anthony.

  He took a screenshot and emailed Amazon to find out why he had an unsolicited dildo in his shopping basket. After a few emails from several customer service representatives, he spoke with a member of the Executive Customer Relations team at Amazon.de on Oct. 22. Pedro says the rep was very sympathetic and apologized profusely, assuring him that he’d been in touch with HR to make sure that such an incident wasn’t repeated.

  As a gesture of apology, the rep told Pedro he’d receive a €100 voucher on his Amazon.de account, which he then received. When Pedro explained how annoying the situation had been (Pedro sent us a screenshot of the €100 that was credited to his account, pictured right.)

  Later in the phone call, after Pedro explained how irritating the whole situation had been, the rep sympathized and said he couldn’t understand how an associate from customer service could’ve added the dildo, but that he unfortunately hadn’t been able to talk to the employee and couldn’t say what his intention had been.

  Pedro asked why the rep hadn’t been able to speak with the associate involved, wondering whether he’d been fired or put on paid leave. The rep replied that he wasn’t allowed to talk about “that internal process,” which might lead one to believe that he had indeed been let go.

  Ars UK’s Anthony wanted to figure out whether or not Pedro’s story was true, and spent a few months trying to nail down the details, using correspondence Pedro forwarded from Amazon’s customer service team. Ars believes the situation is authentic.

  Amazon, for its part, at first said it couldn’t comment on the case due to its privacy policy. Once Pedro gave his permission for the company to speak with Ars on his behalf, Anthony reached out repeatedly for either confirmation or a denial, and didn’t get any response. He also contacted the company and said he intended to write about the incident, and asked if Amazon wanted to provide a statement. Again, nothing.

  Pedro says he’s mostly mollified at this point, though still ticked off at the amount of time and energy he had to expend on dildo-gate.

  So why is it possible for Amazon associates to have access to your shopping cart? One big reason: if you’re not very Internet savvy and need help adding or removing things, a customer might ask for help from customer service while shopping.

  To that end, a commenter on the Ars Technica U.S. post explains that customer service reps have the ability to “spoof” a customer’s account — which means they can create “a temporary encryption key to use along with your e-mail address so that we can log into the website as you without having access to your password,” for exactly the kinds of instances where someone has issues using the Internet may need help. Again, it’s intended to be used as a tool for helping others, not pranks.

  In any case, Pedro adds in the comments, he’s not a fan of Amazon.de after this experience. And he wouldn’t trust their sex toy descriptions, to boot.

  “Anyway, the entry for ‘The Hulk’ is completely misleading,” he writes. “I would expect something called ‘The Hulk’ to be green. It’s picture is pink and the description says it is black. My whole issue with Amazon.de started because of incorrect description of items — and this entry does not help their case.”

  <a href="http://ift.tt/1MToD64” target=”_blank”>Amazon Won’t Say If Employee Added Unrequested Dildo To Customer’s Cart [Ars Technica UK]

  
• 
  

ribbi

by Mary Beth Quirk via Consumerist

uMacy’s, Bloomingdale’s Accused Of Inflating “Original” Prices To Make Discounts More Attractiver

4 4 4 9

• 

  Over the past several months, consumers have sued a number of retailers accusing them of advertising “false” original prices on discounted or outlet merchandise. Joining a list that includes Kohl’s and Kate Spade are Macy’s and Bloomingdale’s. 

  Two shoppers, one in Florida and one in California, filed a class-action seeking lawsuit [PDF] against Macy’s Inc. — parent company of both Macy’s and Bloomingdale’s — alleging that these department stores misled customers by boosting pre-sale prices.

  One plaintiff says she purchased a Lennox ornament for $17.99 after being enticed by the thought of saving significantly (about 70%) from the purported original price of $60. However, the suit claims that the ornament was never sold for $60 at Macy’s or other retailers.

  According to the lawsuit, the retailers regularly use deceptive and misleading labeling and marketing of merchandise they sell at their retail locations, including outlet stores across the U.S.

  The suit accuses the companies of misrepresenting the nature and amount of price discounts on products by “offering steep discounted off of fabricated, arbitrary, and false former or purported original, regular or ‘compare at’ prices.”

  

  Specifically, tags for merchandise sold at the stores included prices that were artificially inflated and did not represent the true price at which the products were previously sold, or the market price for the item.

  The merchandise also included tags or stickers on the labels, or signs above the display, that showed a purported discount off the false original, regular, or compare at price, the suit claims.

  “In some instances, [the retailers] represented that the listed or original price was two or more times the manufacturer’s suggested retail price (“MSRP”), and then offered the item at a purported 50% or more discount price which was in fact the original MSRP,” according to the complaint.

  In reality, the suit claims that the prices used by Macy’s and Bloomingdale’s were a sham.

  “In fact, such items were not generally sold at the ‘original’ or ‘compare at’ price listed on their labels, or at least not a substantial number of such items, including not within 90 days of the advertised or represented original or compare at price,” the suit states. “The original, regular or compare at price listed on [the retailers’] products were and are prices chosen by to enable them to engage in their phantom markdown scheme.”

  The suit seeks restitution and disgorgement, injunctive relief, and other costs that exceed $5 million.

  [via Cincinnati Business Journal]

  
• 
  

ribbi

by Ashlee Kieler via Consumerist

uSorry, Person Named Chanel, You Can’t Use Your First Name As An Instagram Handler

4 4 4 9

• 
  When you’re an early adopter of a website, that means you have your pick of usernames. A young lady in Canada registered for Instagram early on, before Facebook acquired the company. Her username was her real first name: Chanel. Eventually, brands began to use the service, and that’s when the fashion house of the same name found that someone had already registered @chanel. Now no one is using that ID. Why?

  The most likely explanation, The Fashion Law reports, is that Chanel (the brand) made its case to Instagram, which recognized the company’s trademark and turned the username over to Chanel (the brand). Chanel (the brand) joined Instagram three years after Chanel (the person) did.

  “Chanel,” of course, was the actual last name of the woman who founded the company, and the fashionable Vancouverite was probably named after the brand. According to Fashion Law, she had 40,000 followers before her account disappeared, compared to the fashion brand’s 9.1 million.

  There is a precedent for this kind of thing when it comes to Chanel: a salon owner in Indiana with the same first name called her business, logically, Chanel’s Salon. After sending multiple cease and desist letters, the company won a 2014 lawsuit. You may think that you have the right to your own name, but you don’t if your name is a pre-existing trademark. Could someone assume that the salon is connected with the fashion brand? It’s possible.

  “Nothing herein may be read to prohibit Jones from using her personal name solely in a personal, non-commercial capacity, or to otherwise identify herself,” the judge wrote in the Indiana salon case, “provided that Ms. Jones does not use her name in any manner that suggests an affiliation or relationship with Chanel.”

  Chanel (the Instagramming human) told The Fashion Law that she has been advised not to talk about the situation by her lawyer, which indicates that the company probably took over the account.

  Chanel May Have Just Won a Battle for the Chanel Instagram Account [The Fashion Law] (via Racked)

  
• 
  

ribbi

by Laura Northrup via Consumerist

uMake Sure Your Computer Is Powerful Enough For The Oculus Rift Before You Spend $599 On Oner

4 4 4 9

• As expected, the consumer version of the Facebook-owned Oculus Rift virtual reality headset went on sale today, but at a higher price than some had predicted. But even if you don’t mind spending $599 for the device, you’ll want to make sure you’ve got a computer powerful enough to use it.

  Unlike the Samsung Gear VR, which uses Oculus technology but is powered by the phone you attach to the $99 headset, the Rift requires a connection to an external Windows PC.

  So if you’re on a Mac or other non-Windows computer — or if you’re one of the growing number of people who don’t have a personal PC anymore because their phone suffices for all things Internet — then you’re throwing your money away on the Rift.

  Thus, on the Oculus pre-order site, there’s a link to download an application that runs a quick check to see if your computer can handle the device.

  Not that we’re planning to spend $599 on a VR headset anytime soon, but out of curiosity we ran the test on a few PCs lying around the Consumerist compound — all failed.

  The above results came from a mid-range ASUS laptop purchased new only a few months ago. Neither its graphics card nor its processing power were found to be up to snuff.

  We also tried the test on a pair of gaming PCs that, while not exactly new, have had no issues playing new, graphics-heavy games. Neither had enough processing power or sufficient USB ports, and only one had a compatible graphics card.

  In short, your average consumer is not going to have the computing power to do anything with the Rift, making it a $599 paperweight.

  Speaking of the price, a number of prognosticators had predicted that the Rift would ultimately go for closer to $450, putting it in the ballpark of the cost for a new gaming console.

  The company had hinted at the price in previous statements, saying that it would cost $1,500 to have a Rift headset and a new Rift-worthy PC. Today’s price reveal bumps that total up a bit.

  After a PC fails the Rift pre-test, the app links to a place on the Oculus store where you can purchase PCs that will run the device. The least expensive of those is $949. So you’re talking closer to $1,600 for headset and a PC guaranteed to run it.

  The Wall Street Journal expresses skepticism about the price, wondering if it’s so high that it will keep the Rift from reaching enough consumers.

  We think that the problem is the need for such pricey external support. With so many people using their mobile devices as their main personal computing tools, it may be a hard sell to ask consumers to commit to spending that much money just for the novelty of virtual reality, no matter how immersive.

  It’s possible that Oculus is deliberately trying to limit the Rift’s availability to high-tech early adopters while it awaits the rollout of the next generation of devices, including the PlayStation VR headset.

  
• 
  

ribbi

by Chris Morran via Consumerist

uDiet App Claims To Help You Watch Your Weight By Scanning The Molecules In Your Foodr

4 4 4 9

• 
  It’s a new year, and you know what that means: new diet plans — or at least, you might be promising yourself to stick to a new diet plan. But it isn’t easy, which you know if you’ve ever sat staring longingly at the last piece of cheese on the plate, wondering whether it will totally screw up your resolution to finally lose just five more pounds. A new app and its connected smart device claims it can do just that, scan your food and let you know whether or not it’ll lead you from your chosen diet path.

  Our friends at Consumer Reports are roaming the booths at this year’s Consumer Electronics Show and came across the DietSensor app, which purports help to help folks maintain their diets by way of a gadget that scans the molecules in food via an optical sensor. It then spits out information in the connected app with ratings on carbs, calories, protein, and fat, and tells you what you should eat for the rest of the day.

  Based on the food you’ve already scanned up to that point, the app may then ask, somewhat passive-aggressively, “Sure you need to eat more?” or tell you you’re good to go.

  The app will only work if you’re checking homogenous foods — so again, cheese, or a piece of bread, or a slab of honey-cured ham. If you want to find out what’s in your pizza and whether it’ll ruin your diet, you’ll have to add that information manually to your log.

  It’s also a bit pricy: the gadget itself is $249, while the app will cost $10-$20 per month when it becomes available.
  

  
• 
  

ribbi

by Mary Beth Quirk via Consumerist

uBye Bye Puking Rainbows: Snapchat Shuttering Lens Storer

4 4 4 9

• Two months after Snapchat opened the Lens Store to offer users the option to jazz up their self-destructing messages, the company is shutting down the venture. 

  Snapchat announced the change in a support notice on its site Wednesday, noting that while the Lens Store would cease to exist starting Jan. 8 (this Friday), it’s not doing away with the so-called lenses — which add special effects and sounds to messages — completely.

  Instead, the company says it will still offer users about 10 free lenses each day, including some that are sponsored by movies, companies, and other organizations, Mashable reports.

  The Lens Store, which launched in November, allowed users to purchase special effects filled add-ons for $0.99 each.

  Snapchat says that some of the company’s most popular lenses – you might be familiar with the puking rainbow – will eventually be available through its free offerings.

  Still, the company warns that it plans to change the free offerings on a regular basis, and that users can’t actually save those options for later use.

  Snapchatters who previously purchased lenses through the Lens Store will continue to be able to use them.

  [via Mashable]

  
• 
  

ribbi

by Ashlee Kieler via Consumerist