I was trying to make a withdrawal from my Cashrewards account. The process sent an SMS code to my registered mobile number. However, I don't have that number anymore. (It was from a cheap short term starter SIM). I emailed Customer Service and was asked to provide proof of ID. I don't like emailing ID (correct me if I am wrong but I think it is not encrypted). Also, my Cashrewards doesn't even have my full name and the DOB box is empty so I don't know if there is any point in verifying something that doesn't match. Any ideas? TA?
Cashrewards Proof of ID for Change of Mobile Number
Related Stores
Comments
If it was a scammer contacting cashrewards trying to impersonate you, what would you want cashrewards to do in that instance?
Sending some id at least provides a barrier to changing account details if you've lost your second factor option. (No idea how well they will verify it etc but it's 'something')
Ask if you can send an id image with some important details crossed out like card or licence number etc
I'm not an expert in online security but maybe process the withdrawal to the saved bank account. I am not changing bank account details. Similar to transferring money to a saved payee with online banking without 2FA.
I opened the Cashrewards account many years ago and haven't put my legal name on it. The amount of money is not large (does anyone leave a large amount of money on Cashrewards?) and I can forgo it but my OzBargainer mentality tells me I should try to claim it. Haha
No regrats, at least didn't buy a 1BR from an auction.
Don't use a burner number for 2fa…
How else would you be able to tell where your spam calls and text are coming from?
You have a diff number for each store/business? Come on.
I want to, yes; so I can find out who keeps calling me and then abruptly hangs up as soon as I pick up….and find out where I had that number in and then know it was them who shared my number to some third party or used the number themselves…..
@Zachary: So you're going to have a 100 phones, or 50 if dual sim, lying around, fully charged at all times?
Cashrewards is basically run by some guy out of his basement fyi…
Actually, there's at least 6 guys running the show - David, Jawrdan, Simone, Jackie, Feraida and Andrew….unless these are all aliases for the one guy in the basement…..plus they're making some pretty dough……over 5 million last I read….doubt anyone making over 5 million would still live in the basement of their mother's house to do business in….maybe if you're an ozbargainer….reducing cost to the absolute minimum disregarding any dignity, comfort any other luxuries that doesn't need to be had to function as a business.
Sounds like daddy funded their little business mate
ShopBack employee spotted!
I didn't see you at any of the OzBargain birthday parties they hosted. A real shame because scotty was so happy with the cake.
I don't like emailing ID (correct me if I am wrong but I think it is not encrypted
Emails use SSL/TLS which the same encryption used by all the major banks, government websites, Amazon, eBay, PayPal, ShopBack, etc.
Emails use SSL/TLS
while your email may be 'encrypted' between you and the mail server depending on client etc (e.g using gmail via a web browser, its https to 'gmail') but there is zero guarantees of any secure connections between email servers or the final email server and the recipient, or any control over which email servers the email may bounce through
make ur own email server and send them in? or somehow have the email server go direct contact to cashreward's email servers without hopping on intermediary servers?
There is no guarantee that the recipient will receive the mail from your server to his device encrypted.
@Blue Cat: …so then how does one securely send something that IS guaranteed to the recipient?
@Zachary: PGP mail encryption, but that requires above average tech literacy to send and receive mail, which might be too much for a simple tech support guy, especially if it's outsourced overseas. Or probably not even allowed by the company or it's policies, or even completely unheard of for them.
It is not widely used at all because 99.99% of the population don't care about privacy so the current state of "just werks" email systems is all we need at the moment.
@Blue Cat: ok, if i were to email you something that i want only you to read and no one else, what are the steps to do so using this pgp mail encryption?
@Zachary: I don't know much details as I read this up a year ago on one of those "privacy nut" posts on reddit.
This graph explains it in the most simple way possible and this website explains it in detail.
Basically, I don't see this getting popular anytime soon, because nobody wants to "exchange" keys before they send an email to someone.
@Blue Cat: …im guessing you dont use it yourself since you're not able to explain it in your own words but to direct me to a link where you have read it or somewhere else that may be more helpful…..
ok, so ive read a bit of that on your links….
- content of the email is obfuscated with some hash which needs to be decrypted with your private key that was enrypted using your public key, instead of the usual actual content
- email headers are still exposed, so people who want to read you emails by hacking your line or the node it goes through will be able to tell who sent it and to whom and other stuff in the header
- Apparently not user friendly to do the encryption and the decryption….
- was used in ransomware due to its unbreakable chain probably why you can easily decrypt files that were encrypted with ransomeware…..
- a few email clients uses this, most notable is protonmail
So I looked up some security mail services and messafe safe is also one that's bound to security and privacy at its core. Development/support team seems to be …a bit dead lately…..so if you want to find out the details use to get it working on a 3rd party email client like outlook or protonmail, gg….
I'm somewhat keen on trying this out, would you like to be my test partner?
if i were to email you something that i want only you to read and no one else
compress it with encryption/password using something like 7-zip and email that, supplying the password via an alternate communications method (eg phone call)
upload it somewhere like google drive and share it as a file requiring a password to access it, again supplying the password via an alternate comms method
Please PM me and we'll discuss an alternative method offline so you're able to change your mobile number. Thanks.
Thanks for sorting it out for me. I've updated the mobile number and have activated 2FA.
so what method did u end up using offlinely?
I have the same issue..what is the alternative method?
100% correct as email is not secure. Your mail can be sent through an unknown number of email servers before it gets to the recipient.
If they give you a PGP key you can encrypt the email and it is secure as only they can decrypt it without using brute force and allot of CPU/GPU resources.