Stupidity in strange places

I just took my car in for repair at the dealer for some warranty work. My dealership does a lot of on-line stuff. They even have an open wireless network and workstations to use while waiting for car work to be done. So I received the following E-mail from them:

Customer No. #######
Your vehicle is complete and ready for pick up. Please look over the
attached invoice and call with any questions. If the invoice is correct,
you can reply with a credit card number and expiration date. I will run
the credit card number to help speed up the delivery process.
Thank You for Your Business. Jane Doe ###-###-#### ext ###

The biggest issue is the word “Reply” there is no link in the E-mail to go to a secure payment page. Have you ever looked over a dealership invoice? There is a lot of personal information on it about you and your car.

So I went to the dealership and talked to the manager. I was very happy that he listened to me and sent out some e-mails. The first was to stop using above text on invoices. The second was to ask his internal people if I was correct and what is PCI. Does anyone know if this would break PCI compliance?

Advertisement

Movie star teaching in Northeast Ohio!

The famed star of “The PCI ultimatum”, Dwayne Edwards, also of Dwayne’s world of security, is going to be teaching two classes at Corporate College East.

He may not teach us how to stop the robots but, then again it is Dwayne!

Hope to see you there.

Security Breaches – Executive Session – Cost $99

http://www.corporatecollege.com/Registration/CourseDetails.aspx?IG_ID=3&CAMP_ID=0&CAMP_NAME=(All%20Campus%20Locations)&PROG_ID=430&CMAS_ID=4119

 

Foundations of Information Security – Cost $595

http://www.corporatecollege.com/CourseDetails.aspx?IG_ID=3&CAMP_ID=0&CAMP_NAME=(All%20Campus%20Locations)&PROG_ID=446&CMAS_ID=4118