For changing the password

[Phenolet]

Someone in the United States has been using my email address for their Arbonne account (I'm pretty sure it's a multi level marketing company).

Every once in a while I get emails confirming their order of vitamin sachets and grooming products. It doesn't really bother me as it's only this one company, it's not like this person uses my email address for everything.

Today however, I decided to log in to that person's account and change the password after another email confirming order. I figured they wouldn't be able to log in and then they'd have to open up a new account using their own email address.

However, I now feel bad about it. I was petty and should have just left it. As I said, it's not as if it's a huge inconvenience to me.

What do you think? Was I unreasonable and mean for doing this?

How is the stranger expected to create a new account when her registered credit card is registered on the site already under her previous account? The account she's now been locked out of?

This happened to me with someone’s air b&b account, I feel bad every time I get an email about one of their bookings! It’s a guy that books but he must think he’s using his partners email address, I’ve noticed from the booking that her name is very similar to mine.
I can’t understand why he doesn’t check why they never get the confirmation.

The account was registered to OP's email address so it's her account.

It'd be interesting to know how the account was verified.

I'd have probably emailed customer services myself but the OP certainly isn't petty.

You’re talking nonsense. The stranger used OP’s email address! For the moment it’s just an annoying inconvenience but depending on what they get up to in the future could lead to all sorts of problems, for example if they were to use your email address for some less savoury activity. Hitting “unsubscribe” will stop the emails but won’t get to the root of the problem.

OP is there any way you can contact either the “stranger” or the company? Speaking personally I wouldn’t be happy to let it lie.

An email, is an electronic address and yes if you steal someone’s email that is a form of identity theft. The OP is assuming that this stranger cannot access the email account, chances are they both can. OP should change her email address password as well. Email addresses are not anonymous. They are often used to verify identity by many government and banking organisations. I’ve had my email address stolen before and the thief attempted to hack some of my other accounts using it. It’s not something you ignore. It’s no different from getting debt collection letters through the post at your home because someone’s using your home address.

How is the stranger expected to create a new account when her registered credit card is registered on the site already under her previous account? The account she's now been locked out of?

You can use the same card on multiple accounts. You can't use the same email address.

How is the stranger expected to create a new account when her registered credit card is registered on the site already under her previous account? The account she's now been locked out of?

This is not how online shopping works. You don't have to save a credit card to create an account, unless it's a subscription service, and even if you choose to, you can save card details against multiple accounts if you choose to.

The stranger may not have had their payment details saved to the account. Even if they had, they can always cancel that card and get a new one from their bank or credit card company.

What? I have 3 or 4 accounts on some websites using different email addresses with the same credit card, there is nothing to stop you doing this.

The account did belong to her as it was set up using her personal email address by an identity thief. The stranger is the thief, not the OP.

That's not the same thing at all.

"Your" thief was attempting to hack you by maliciously using your email address for their own gains (I'm assuming).

"OP's" stranger has set up an account with all of their own personal details in and has very obviously made an error when setting up. In your scenario, if the stranger used the wrong email on purpose, it just doesn't make any logical sense when all the information in the account is linked back to the stranger.

Ugh I had something similar once - someone with similar name went to a wedding fair 300 miles from where I live, gave their email address to the organisers and agreed for every company there to send details.

Except it wasn't their email address, it was mine. There was some tiny difference like a full stop or an underscore. I was bombarded with wedding advertising. Some of the companies did idiotic things like using Cc instead of bcc so my email got spread to more and more people.

I tried doing unsubscribe but it was interesting how often this was ignored or wasn't available!

Gosh, there a lot of people okay with casual fraud, it seems. As long as it's against a stranger and nobody they know and care about.

I think you might want to look into the definition of fraud. This isn't it

But all the information in the account does not lead back to the stranger, the email address is the OPs email address.

And malicious intent vs oblivious error matters for criminal culpability, it doesn’t change the fact that the stranger has still committed identity theft.

Just like if you use the self scan and purposely steal some food vs, you thought an item had scanned but it didn’t so you accidentally steal some food. You have still shoplifted! Accidental or with intent, you’ve still stolen.

You really don’t know what fraud is.

Quick, call 999

You're posting nonsense - no one has advocated "casual fraud", or any other kind.

OP. You haven't completed the task yet. You do need to ALSO report it in the relevant countries through fraud reporting channels, and to the company itself. Don't be fobbed off.

I did this with the knobhead who used my e-mail address to register their ring doorbell in the US. Now they will be able to register it properly, using their actual e-mail address, not mine.

How did you get into their account?

The fact they mistakenly gave your email address instead of their own only means you get their emails. It doesn't mean you know their password.

Let's stop with the melodrama.

OP has not committed fraud nor does she intend to commit fraud. If she handed herself into the police for her actions they would laugh and tell her to go home.

You click 'forgot my password' and get a reset link?

YANBU. I get emails all the time related to someone who I believe has the “.com” version of my email address which is “.co.uk”. I used to email the sender back each time telling them this was the wrong address but it never made any difference so now I mark everything as junk and hope it inconveniences her.

I’ve had work related stuff, personal stuff (the 4 million hen party round robin emails were a low point, I just couldn’t get myself removed from that sodding list), flight and accommodation booking confirmations etc. I’m sure if I wanted to steal her identity in some way I probably could.

I assume she logged in with her email and clicked "forgot password", upon which she would have received an email to her own email address to change the password.