A second email referring to another wine that I reviewed after the September 2019 press tasting
This is a strange one as the company if you Google on a private window come up as a bona fide review platform, not only did they have my email, a wine I had reviewed but also the correct first letter of my surname, they must have access to information on the TWS site for all that, phishing is just that a computerised scan.
I got 4.
Forwarded them to member services after contacting WS HQ.
On the website sneak peak call yesterday it was mentioned that TWS have integrated a third party review platform into the new site. No names but my guess now is yotpo, and as part of the webdev prep something has gone a bit wrong and all these emails are spilling out. Someone is having a bad day.
They insert hidden code into valid pages on legitimate websites and even insert complete pages into legitimate websites. We had this done to our site once and it took some work to clean all the code out and put new access logins in place. A right royal pain!
I just had an apologetic email from Member Services in response to my query to say it was an error caused by something they are working up and not to worry! There is no data breach. They are drafting an email to members.
We can all be clever with hindsight, I did not click but it still looked to good to be scam, though into the scam box it went.
The trouble today as Mike says is they are getting very good at scamming, the bloody phone since we moved has endless requests etc to click on this that the other and I have TPS which previously worked well and am ex directory, the whole thing is a pain.
Yes, Scamazon is my pet hate on the phone!
TWS are on the case
We’re contacting you as you may have received one or multiple emails from Yotpo. If so, please accept our apologies. There has been an error while we were trying to integrate a new online review system, but unfortunately the system inadvertently picked up a record of reviews that you’ve previously submitted.
We understand that this may well have looked suspicious, and so would like to reassure you that there has been no data breach of any kind and your details are secure. If you have filled out the request from this email, then the data will only be within our systems.
Thank you for your understanding and once again, we apologise for any inconvenience or alarm.
Member Services Manager
I can highly recommend one of the BT call blocker phones. Mine is set to only allow calls with a revealed number straight through. Calls with a withheld number must ‘announce’ themselves and you can accept or not. Since I’ve had this my scam/spam calls have dropped to pretty much zero. You can also set it to require announcement for calls from any numbers not in the contacts programmed into the phone. My mum has hers set to this but it’s not practical for me where I have a lot of business calls coming in. It really does do the job where I have found TPS inadequate.
I’m relieved that it wasn’t a serious problem AND the Society were quick enough to tell us there was nothing to worry about.
So for the Scots - the English.
And for the English - the Scots.
Happy atop my piece of Larchlap.
This suggests that TWS has transferred members’ emails to an outside company. What precautions has it taken?
Presumably all that are required per GDPR (i.e. quite a lot)
I suggest that you email and get an answer.
I am already involved in one series of complaints (failure to tell me that an order would not be ready for collection; sending the order out for delivery when it did come in, although we had agreed another date for collection, with another order; failure to answer emails). I will ask about this, but will wait until the current problem is solved. I hope someone else will follow it up. I admire @danchaq’s optimism.
Having been involved (not in the detail, thankfully) with GDPR work in the run-up to implementation, I don’t think it optimism. The requirements are stringent and the penalties meaningful.
EDIT: But by all means, do follow up yourself if you feel the need. It’s your data after all, no one else’s.
To err is to be human, to really foul things up… takes a computer. Thought the old adage deserved to get out once again.
Out of curiosity… don’t they do ‘sandbox’ trial runs of new code any more ?
You would guess that the new TWS site is in a test environment but it’s been integrated with a production environment of the review platform. The test TWS site has our real data in there and perhaps that’s where the issue lay.
That, or someone forgot to flip the
development/live switch on the review platform.
Either way, I’m sure there’s a mortified developer out there somewhere.
Not sure it’s just optimism, it’s the law!
And this doesn’t mean any data has been transferred, it’s possible to integrate a third party software without actually transferring data by using the tools provided.
I also received a couple for Champagne too… nothing from TWS afterwards though.