Newsletter forwarding , thanks for your account info!

I recently received an HTML email newsletter forwarded to me by a friend. The email was a great offer on hotel deals and thinking I might be interested, my friend forwarded it to me.

I usually just throw these things away. But an "account" link at the bottom caught my eye. Curious, I took a look. The link very conveniently took me directly to my friends account page, no login, no password, straight in! Once there I had access to his address , phone number, password, account settings and various other identity information that I'm sure my friend is not keen to disclose.

Including links like this that circumvent login pages is a bad practice on the part of the newsletter senders, but should also serve as a warning for people. Be very careful when forwarding email, especially HTML email as it may just be more personal an email than you really want to send to all your friends.

Lets be careful out there!