Just a friendly reminder to never purchase anything on a site that isn’t using a SSL certificate (preferably 2048 bit). I can’t tell you how many small/medium sized wineries (discovered one tonight) aren’t using SSL at all on their sites. Being in IT Security, it is very disconcerting to know that some winemakers/owners aren’t thinking about this. Until they wake up and realize how insecure their systems are, I won’t purchase from them.
My rant for tonight. Sheesh!
Thanks for the tip.
My pet peeve is retailers whose systems retain my credit card data. It’s impossible in most cases to get them NOT to keep it. Even when they say they’d deleted it, I often find it there when I log in. I have zero confidence in relatively small retailers to have secure systems. The best hope is that the Russian hackers are focused on the Home Depots and Targets of the world because there is so much more data to be stolen there. But Wine Library in NJ had a bunch of card data stolen a year or two ago.
At this rate, we will all be getting new account/card numbers once or twice a year (between 2 separate accounts, I’ve now been issued 5 new cards in just over a year) or a new, more secure CC system will be in place soon.
Sometimes the wine guys are not so savvy about their websites. I got my list welcome today from a very well respected maker of Pinot. The link in their email sent me to their order form which was not SSL encrypted. However, I edited the link by adding the S on the HTTP and in fact, they do have SSL. So, try that before you give up but Preston’s tip is very good advice. Sanity check before you give details online.
Premier Cru (at least a few months ago) would e-mail your password to you if you forgot it, rather than just reset it. That is very bad. I e-mailed them to stop doing that, but not sure if they fixed it.
Yes, we got bitten by that one. Several charges for World of Warcraft (WoW) for IIRC $34.95 from all over the world. Fun times! Worked out in the end but what a PITA…