PSA: The Amazon wishlist doxing threat is much greater and more immediate than folks might realize. Attack works like this:
Stalker who wants your address opens an Amazon seller account and lists themselves as a third party seller for any item on your public wishlist. Then, they order the item from themselves as a gift for you. Bam, they have your address.
In particular, attack does not depend on an existing third party seller having poor PII handling hygiene, like the articles have implied.
@dalias I would have expected that wish listing something would mark that exact product from that exact seller as the thing you want. Like... I want this known authentic doodad from this known reputable seller.
Is that not the case?
@Ragashingo @dalias that's what they're taking away, as I understand it. So I think it's the case _now_, it will shortly _not_ be the case.
So if you're lucky, you can now get the same thing from a third-party seller. If you're mid-lucky, you can get something passing itself off as the same listing from a third-party scammer. If you're unlucky, your address gets leaked to a third-party stalker.
Clearly I wasn't the only person who read that mail this morning and thought "oh no".
@_calmdowndear @Ragashingo Amazon should have been stopped in their tracks when they first allowed third parties to link their counterfeit items as just being a different seller for the same genuine item, rather than a separate product listing.
The whole late-capitalist fascist hell we're in is a consequence of letting companies do things that were long-illegal and would have been prosecuted as racketeering if not for "with computers" tacked on to the business plan.
Cassandrich
Ragashingo
Gavin