So I’m trying to pay my monthly bills tonight, and boy is it needlessly complicated. You see, I tried going to my bank’s website and logging in like I do every month, but they’re having “internal server problems”, so I’ll have to wait.
So I went to the Rogers website, where my cellphone bill has to be paid by tomorrow, and tried to login there so I can pay by credit card or something. But the site wouldn’t accept my password, and then locked my account. I tried calling them to have the account unlocked, but they’re experiencing a “higher than normal volume of calls” (at 11:30pm!), so I gave up after a few minutes.
So instead of paying my bills, I’m going to criticize Rogers on their email policies. And since I’m particularly cranky, I’m going to be harsh.
Last month, I was forced to sign up for online billing because that’s the only way Rogers will provide me with a log of what calls I make. (Actually, they don’t. Every time I try to download this log, it shows me a blank page.)
So this month, instead of a letter in the mail with my bill, I got an email that looked like this. Here’s the problems:
- The shortcuts for “forget your password” and “forget your id” are www.rogers.com/forgot and www.rogers.com/forget respectively. And that’s not a mistake. A past-tense forgetting is about passwords, and a present-tense forgetting is about IDs.
- The first link, to check out your bill, says www.rogers.com but actually links (in the email) to a page at www.shoprogers.com. A link that gives one domain and actually leads to another is a textbook example of a trick used in email fraud. How am I supposed to know shoprogers.com is owned by rogers.com?
- The email does not use your name or any identifying information about you other than your email address and an internally-generated 9-digit account number.
This doesn’t inspire confidence.