It is very easy to point and laugh at other people's stupidity, right up until you get caught out yourself. Ask me how I know.
I got stung once in a phishing exercise at work. We were told to expect a third-party email for some new system or other, then the email arrived, my partner was talking to me so I wasn't really paying attention when I opened it, ha ha you've just been phished. As phishing training goes it was a shitty trick, but then criminals don't play by the rules either. Not to blow my own trumpet but I'd like to think I'm more tech- and security-savvy than most, and a moment's inattention was sufficient for me to have my pants pulled down.
I blogged about this, should anyone care:
https://blueteamhackers.com/you-do-phishing-tests-redux/
Thanks, interesting responses to my question, didn’t cross my mind to tell lease company to ask hotel for the fee at the time. If similar ever happens again I might be not so willing to stomach it.
My thinking is, who has contracts with whom?
You have a relationship with the hotel. The hotel has a relationship with the parking enforcement company. (You also have a relationship with the vehicle lease company, but they are not at fault here.)
A mistake has been made, you take it up with the hotel. If they decide they're at fault then they accept liability. If they decide the parking company is at fault, then they reimburse you and seek redress from the company they're employing to enforce the car park.
Whether that has any legal bearing I don't know, but the logic is broadly how consumer law works.
@cougar the motorist has a contract with the parking enforcement company. The motorist will also have a contract with their lease company. The two are seperate. The hotel guest also has a contract with the hotel but parking enforcement is seperate to that. The parking enforcement company also has a contract with the hotel but that has no bearing on the lease company or parking enforcement.
Hope that helps (laughing emoji).
It is very easy to point and laugh at other people’s stupidity, right up until you get caught out yourself. Ask me how I know.
Exactly this. I parked up, looked at phone, saw message, knew I'd done some dodgy parking earlier in the day (broken machine), other half had just left car and headed to the bog, I thought I'd quickly sort the issue rather than dwell on the problem being a decent (occasionally thick) person. Clever enough tho to call my bank and discuss the problem, changed the virtual card number and cancelled internet purchases with the card number.
I'll nuke the card when I'm orbital and learn from the experience.
Plus I'll read every topic on stw just to keep abreast of every situation known to man. Winky eye.
It looks like the "DVSA" phishing message is doing the rounds...
I got this just now:
Bloody delinquent, deserve everything you get 🙂
I got stung once in a phishing exercise at work. We were told to expect a third-party email for some new system or other, then the email arrived, my partner was talking to me so I wasn’t really paying attention when I opened it, ha ha you’ve just been phished.
My work partakes in similar activity to try and snare folk, with the expected results.
However, conversely they also circulated a company-wide e-mail claiming to be a link to DP and Internet Security training, which (almost) everyone in my office immediately flagged as dodgy and deleted it. Turns out it was genuine and was from a new 3rd party training provider, but IT had failed to tell anyone this... in some ways it proved that some previous training is sinking in!
My work partakes in similar activity to try and snare folk, with the expected results.
However, conversely they also circulated a company-wide e-mail claiming to be a link to DP and Internet Security training, which (almost) everyone in my office immediately flagged as dodgy and deleted it. Turns out it was genuine and was from a new 3rd party training provider, but IT had failed to tell anyone this… in some ways it proved that some previous training is sinking in!
We had a very similar thing at work a while back... snotty email from HR to basically the whole company "this training is mandatory, uptake has been dissapointing" etc, etc...
Basically everyone else: "we're not doing it because it looks like phishing/spam".
I've got to admit, there's something quite glorious about running a phishing exercise disguised as a "mandatory security training" email. If it had been a real exercise, someone in IT would be having a right giggle about that.
