Who said they were in India?
I think most of the customer reps are in India. At least everyone I have talked to in the last two years had an Indian accent.
Follow along with the video below to see how to install our site as a web app on your home screen.
Note: This feature may not be available in some browsers.
Who said they were in India?
I think most of the customer reps are in India. At least everyone I have talked to in the last two years had an Indian accent.
I think most of the customer reps are in India. At least everyone I have talked to in the last two years had an Indian accent.
Some are from the Philippines.
Virgin Mobile's garbage customer service is one of the reasons I left them. Look at all the trouble on this thread. I would never give out my pin in an email, only with a customer service call.
But this is what people have an issue with, there is no reason for Customer Service to have access to your password; not to mention that isn't the type of information you want to be giving over the phone or in an email (which are not secure).
With a postpaid carrier that'd be true, but Virgin Mobile doesn't require any of that and I'm sure not putting all that info in their system. If I do, I sure don't want a CSR to be able to see it.There are other means to verify an account other than asking for the account password. A few are: the last 4 digits on your credit card (if you have one), the first and last name on the account, the alternate phone number, parts of the home address, birthday etc. etc. etc. Generally no major company will ever ever ever ask you for your password.
Please do not misplace trust like that. It happens all the time, and even when encrypted there are failures often enough. VM is a most likely candidate, BTW.I respectfully disagree. No company would be so stupid that they would leave account passwords unencrypted on a database.
That's just trouble waiting to happen. If they want to verify then they can ask for my zip code, the last 4 digits of my SS#, the last 4 digits of my credit card, or they can return my call at my home number. There are far too many ways to verify an account. They do not need my password.
Anyone who didn't read this post, please click the link to go back and read it.TL/DR: It's OK to give out your PIN as long as you do it under the right circumstances. Adding a second password doesn't change that and wouldn't significantly deter someone with bad intentions from getting into your account. In practice, having two passwords makes their job easier.
{really long, accurate, informative post}
I have never had to give my pin/password to any other company. Google CS has never asked for my password, Blizzard CS has never asked for my password, Comcast CS has never asked for my password, Sprint CS has never asked for my password, ebay CS has never asked for my password, Amazon CS has never asked for my password, Vonage CS has never asked for my password, VMUSA always asks for my password.
...nor should there be enough data in your VM account to do any damage to you other than what can be done to your VM account.Everyones being paranoid. They're not going to steal your identity!
Exactly what I was saying! With e-mail, you are never completely sure who it is going to and who is going to see it.
Famous saying "Never put anything is writing, that can be communicated verbally!"
Yup...anything in e-mail can be forwarded to the wrong person or can be seen by the wrong person.
Also any e-mail sent to a corporate e-mail address can not only be seen by the intended recipient, but also the customer reps supervisor, and the company IT Department.
Theoretically, all it would take is one disgruntled employee in the IT Department to view the e-mails and hack the account.
Also, e-mail accounts can be hacked by cyber attacks. Both personal accounts (Gmail, Hotmail, Yahoo, etc.) and corporate e-mail accounts.
You guys thought this thread was dead, eh? It's baaaack!
Professionally I am a network administrator. Outside of work I moderate a few forums. Password security is a HUGE issue for me. Every day I am disappointed in the failures of my peers to keep their databases secure and to use safe practices. Every day I am disappointed in my users when I find out how awful their passwords are (because, even though I insist that they never tell me, they tell me anyway -- I DON'T WANT TO KNOW! Or, like today, someone had to speak it to be able to type it.).
Keeping that in mind, your TLDR of this post is that tcomotcom is 100% right, you folks are misplacing your concern. Go ahead and give VM your PIN. I'll even go as far as to say you might as well email it; it's already far less secure than plaintext SMTP email in your account whose password is "password" anyway.
Your VM account PIN is not the same as a password for other types of accounts.
Let's face it folks, we're not with VM because they're a class act...we're with VM because we're short-budgeted. I don't trust VM at all, and I wouldn't even if they had a decent security system instead of a single 6-digit numeric PIN that could be bruteforced in a scant few minutes.
With a postpaid carrier that'd be true, but Virgin Mobile doesn't require any of that and I'm sure not putting all that info in their system. If I do, I sure don't want a CSR to be able to see it.
Please do not misplace trust like that. It happens all the time, and even when encrypted there are failures often enough. VM is a most likely candidate, BTW.
No way, no how, will VM get my SSN. Yikes.
Anyone who didn't read this post, please click the link to go back and read it.
Off the top of my head, I can think of two: Before I had VM I had Sprint and they had a PIN that they needed to verify before they would talk to me (it was different from my web account access password but that's a null issue as tcomotcom explained), and Cox cable too.
...nor should there be enough data in your VM account to do any damage to you other than what can be done to your VM account.
That said, it shouldn't be downplayed too much. Someone with access to your account can hijack your phone number. Your caller ID is used as security at plenty of other accounts who don't ask for a PIN, so then they can gain access to those accounts, as well as use all manner of social engineering tactics to gain access to other parts of your personal life by posing as you.
If a disgruntled network administrator wants to compromise your VM account he doesn't need you to send your PIN in email to do it. Any way that you access your VM account from work, he can compromise. If you are doing this stuff from work then you are trusting your IT staff. Information Technology department might as well be Information Gods department, given sufficient motivation and skills they can do anything. (They can also be blamed for anything, which really stinks, and which is why I avoid knowing others' passwords.) Go home to do your personal stuff; your ISP has less ability to abuse your trust than your IT department and is prevented from doing so by law, while your IT department is legally allowed and you probably signed for it too (the company owns the equipment and services and has the right to control them however they see fit).
Edit: To clarify - IT folks have the right to monitor/record, but certainly not the right to abuse the information. Besides legal ramifications for misuse of such data, they also have a career to worry about. Still it's best to do personal stuff from home, and avoid pissing off an IT guy whose morals you question.
you folks are misplacing your concern. Go ahead and give VM your PIN. I'll even go as far as to say you might as well email it; it's already far less secure than plaintext SMTP email in your account whose password is "password" anyway.
Apologies.. the rest was TLDR.
Will I give out a password and/or pin to a company in email? No.
Will I give out a password and/or pin to a company via Twitter? No.
Will I give out a password and/or pin to a company via Facebook? No
Will I give out a password and/or pin via telephone if a company has called me? No.
I spent way too many years as a server administrator to web hosting clients, and too many years doing side work for neighbors to fix up their computers/laptops (cleaning nasties and securing them) to know better than to do any of the above. Being a server admin and seeing the things that I've seen and experienced first hand, there's no way I would give out any personal information via the above mediums. Especially email.
Will I give out a password and/or pin via telephone when I have called the company myself? Absolutely.
Not everyone is going to agree with me, and that's OK. Some may say I'm over doing it or being too anal, and that's OK. The above methods work for me and that is really all I am concerned with. My personal security methods are what they are. My methods, and not everyone has to follow those.