Blind Security: A case of site intimidation

Every once in a while, a web site will try to convince you to change your security settings.  I was looking for blinds the other day, and I found a web site that had a great deal.  When I tried to customize the blinds, I was presented with this web page informing me that I needed to modify my cookie settings for first and third-party cookies for the site to work. I tried the site in a few browsers, and this page came up each time I tried to modify my selection. This should be a red flag to leave the site immediately.  It doesn’t matter what the reason is, possibly outdated code or incorrect security settings.  Either way, changing your security settings can make your machine vulnerable to attack.

I’ll leave the name of the company out but here is a screenshot of the page.   I sent the company an email about this I I sent them an email four days ago, but I have not received a response. Here is a copy of the email I sent them.

I have to tell you that I am extremely displeased with your web site.  I wanted to get a quote for blinds from you but I was presented with a page that requested I modify my browser security settings.  I tried it on Firefox and IE on my PC and neither worked so I tried it Firefox and Safari on my Mac, and it still did not work with my settings.  There is a reason why computers block the content you have on your site and that is because it is a security risk.  For you to force people to modify their security settings to use your site makes all your customers unsafe, and I think it is very reprehensible.  It opens them up to an attack or loss of privacy from future sites they may visit even if your own site has no malicious intent.  I would strongly encourage you to update your site so that it does not require this feature. You are doing a disservice to your customers.  Sincerely, Eric Vanderburg   Don’t let a site intimidate you into changing your browser security settings just to use the site.  It may look like a good deal but there could be some “hidden fees” such as personal information harvesting.  Just go to another site instead.  Companies, protect company data and your employees by enforcing browser security controls through group policies.  This way users will not be able to modify their browser security even if a web site tries to convince them to make a change.

Share Button

6 thoughts on “Blind Security: A case of site intimidation

    • This is a question you should ask your attorney. I am not qualified to answer it. My first thought is that you would not be liable but many blogs are moderated and so there could be a gray area if you approve the posting of a comment. As I said, though, I am not the right person to ask on the subject. Thanks for reading JurInnov security spotlight.

      View Comment

Leave a Reply