Editing Talk:1279: Reverse Identity Theft

My first attempt at an explanation.  I have actually received emails designed for someone else because we had the same name and the sender missed a crucial difference between my email address and the intended recipient.  [[User:Grahame|Grahame]] ([[User talk:Grahame|talk]]) 05:39, 18 October 2013 (UTC)Grahame
:This must be the one of the few times where we have such an well written and complete explanation this early in the day -- well done [[User:Spongebog|Spongebog]] ([[User talk:Spongebog|talk]])
::Thank you, but all of what I said has been removed, and the new explanation does make more sense!  Or at least the bits of it that are relevant.  ;-)  [[User:Grahame|Grahame]] ([[User talk:Grahame|talk]]) 00:51, 22 October 2013 (UTC)Grahame

There once was an article that the security feature that my_address@gmail.com, my.address@gmail.com and myaddress@gmail.com are the same to gmail, but not to netflix could be used for off-loading your bill to a different gmail user. But I don't remember the details on how that worked. [[User:Gunterkoenigsmann|Gunterkoenigsmann]] ([[User talk:Gunterkoenigsmann|talk]]) 21:22, 15 February 2020 (UTC)

AFAIK if you have adress name@gmail.com, then gmail delivers all mails in shape name+anything@gmail.com to your box. So the trick is to make address like J@gmail.com, then heavily use J+Brown@gmail.com to the point, that other people catch up an for example Joe Smith instead correct Smith@gmail.com will write J+Smith@gmail.com - which would end in your mailbox then. {{unsigned ip|89.176.232.253}}

:Good explanation, except gmail only allowes usernames between 6 and 30 characters (and doesn't allow + in username). I would assume that this was true even before this strip and it's not so hard to verify, so Randal probably speaks about addresses like JoeSmith@gmail.com being mistakenly used by other Joe Smiths. -- [[User:Hkmaly|Hkmaly]] ([[User talk:Hkmaly|talk]]) 08:55, 18 October 2013 (UTC)

I don't get this. When you're creating an account, every e-mail service provider checks to see if the username is available, and only lets you create an account if your username's unique. This kind of issue can happen if you then go around and enter a wrong e-mail ID whenever you sign up for something, or if the company automatically assumes an e-mail ID without asking you (I don't think the latter happens). It shouldn't matter if a provider (GMail for instance) ignores everything after a certain character (+) while determining recepient, or even if it ignores an entire character (.) - all this should've been taken care of when you signed up in the first place. [[Special:Contributions/220.224.246.97|220.224.246.97]] 08:50, 18 October 2013 (UTC)

:Exactly, it's about entering wrong e-mail ID. -- [[User:Hkmaly|Hkmaly]] ([[User talk:Hkmaly|talk]]) 08:55, 18 October 2013 (UTC)

I'm pretty sure the "+" in the comic refers to a simple concatenation of first initial and last name (e.g., <code>rmunroe@gmail.com</code>), not a literal <code>+</code> character (as in <code>r+munroe@gmail.com</code>). [[Special:Contributions/130.225.98.201|130.225.98.201]] 09:04, 18 October 2013 (UTC)
:No, because then it should be ''<code>[First initial][Last name]@gmail.com</code>'' instead of ''<code>[First initial]+[Last name]@gmail.com</code>''.--[[User:Dgbrt|Dgbrt]] ([[User talk:Dgbrt|talk]]) 10:20, 18 October 2013 (UTC)
::Taking the plus sign as a literal character does not make very much sense. GMail would ignore ''<code>[Last name]</code>'' behind it and deliver the message to ''<code>[First initial]@gmail.com</code>'', which is no valid address at all due to the limit of 6 characters. Also, it is fairly uncommon to use a plus sign in an email address, and the joke of the comic relies on the pattern being generic. [[User:LotharW|LotharW]] ([[User talk:LotharW|talk]]) 11:28, 18 October 2013 (UTC)

The point of the comic is that old people forget their email address and regularly give other people the wrong email address. So when they register for something, like online notifications of a phone bill, Joe Smith puts down JSmith@gmail.com even though his email address is a different variation on that. [[Special:Contributions/69.143.178.218|69.143.178.218]]
:Some of them might not even ''have'' an email address. They might easily believe that email addresses are assigned automatically, somewhat like street addresses or telephone numbers. Which is not so very far-fetched, since in the early days of the Internet your provider gave you an email address when you signed up for an Internet connection. Many might also think that an email address is reserved for the person with the corresponding name, instead of their having to claim it. [[User:LotharW|LotharW]] ([[User talk:LotharW|talk]]) 12:17, 18 October 2013 (UTC)
::I can definitely tell you as the owner of a common-pattern email address: it's not just old people. I've had bank statements, insults, and declarations of love, thrown at me that were definitely intended for someone half my age. [[Special:Contributions/131.107.174.244|131.107.174.244]] 18:37, 21 October 2013 (UTC)

[First Initial]+[Last Name] is the same as [ FIailnrst]+[ LNaemst]. Then he is clearly referring to names such as IrinaN or FanniL. [[User:Xhfz|Xhfz]] ([[User talk:Xhfz|talk]]) 13:24, 18 October 2013 (UTC) <small>This is a joke, and the plus sign means concatenation.</small>

:I don't get it. How is [First Initial]+[Last Name] the same as [ FIailnrst]+[ LNaemst]? That isn't concatenation, it is scrambling. &#126;&#126;&#126;&#126;{{unsigned|Stilbene}}

::Regular Expressions character classes {{unsigned ip|108.162.216.88}}

The plus sign is clearly an indication of concatenation and not meant as a literal character. [[Special:Contributions/184.66.160.91|184.66.160.91]] 14:29, 18 October 2013 (UTC)

This sentence is false, and I deleted it:
:The problem is intensified by the fact that providers like {{w|Google Mail}}, which has become synonymous with email services, regard certain alterations as variations of the same address. For example, Google Mail ignores the dot character and does not allow hyphens and underscores, although they are valid characters for email addresses. Ironically, these restrictions are supposed to prevent fraud, but instead lead to problems like the one described in the comic.
If the addresses jsmith@gmail.com, j.smith@gmail.com, j-smith@gmail.com and j_smith@gmail.com belonged to different persons the problem exposed in the comic would be increased, not decreased. [[User:Xhfz|Xhfz]] ([[User talk:Xhfz|talk]]) 15:04, 18 October 2013 (UTC)
:You should consider the context: The sentence you deleted appeared after
::Most internet users face at some point the message that their desired email address is "already taken". [...]
:And ''that'' problem is made worse by not allowing any variation in the address. [[User:LotharW|LotharW]] ([[User talk:LotharW|talk]]) 16:56, 18 October 2013 (UTC)

The second scenario presented in the explanation has nothing to do with ''reverse identity theft''. The idea is that the victim is exposing their own identity by assuming someone else's address. A third party sending emails to the wrong recipient (thus exposing the victim) is very unfortunate, but there is nothing '''reverse''' about it. [[User:LotharW|LotharW]] ([[User talk:LotharW|talk]]) 17:06, 18 October 2013 (UTC)

:I think the "reverse" nature is that instead of the THEIF going out and hacking the VICTIM'S email to learn their identity and steal information, the VICTIM is the one delivering the information to the THEIF'S email account. [[Special:Contributions/70.31.8.40|70.31.8.40]] 14:08, 21 October 2013 (UTC)

It's worth noting that the name "Randall" peaked in popularity in the 1950s, so most people with that name are older than Randall Munroe. This isn't just an "old person" thing. My name peaked in popularity in the 80s and 90s, so I get a lot of people in their 20s and 30s signing up for stuff with my e-mail address. {{unsigned ip|162.158.6.230}}

I can't imagine how morbidly funny it would be if someone named Edward Coli did this. ~Cye from #team cyeborg

As I'm passing, a true story. My Mum had been piggybacking on the family home's sole email of <firstname><lastname>@<isp>.<tld> that was set up by  Dad, in various online interest-groups she gradually got involved in over the years. He died a few years ago and she decided she finally wanted her own address (apart from everything else, Dad's address was being spammed quite a bit, so keeping it for checking at leisure for real 'legacy' communications but otherwise getting a clean sheet and telling regular contacts to slightly change their addressbook entry for her made a lot of sense), so tried adding <hername><lastname>@... on the same ISP. Found that already taken! Despite a quite rare surname and though a major ISP, hardly gmail.com in reach. Compromised with some semi-random digits. Shortly afterwards, I went with her to get a new washing machine, and she all too easily succumbed to the salesperson's request for her email, and I wasn't quick enough to politely stop her. But I waited until we left the shop to tell her a) She probably shouldn't have, as it would mostly mean more spam, and b) it was ok, as she'd given the <hername><lastname>@... one. Nothing important would get sent there, and we wouldn't be seeing it anyway! [[Special:Contributions/172.70.86.22|172.70.86.22]] 01:51, 1 February 2022 (UTC)