I’ve had a few folks use my email. This is going to prove wildly unpopular but I just reset the password using the email, go in and delete the account (or submit a ticket with support to do so).
They can make a new one with their own email if it’s important.
Not wildly unpopular with me. I’ve canceled multiple Netflix accounts using my $firstInitial$lastName@gmail account. My excuse if they ever challenged me would be to say I thought it was fraudulent because I didn’t set it up and I didn’t want my email to be the only contact method.
Edit: there is one boost mobile customer who has done this to me and I can’t figure out the exact address they used (the thing where you can add periods gives a lot of possibilities), and I really wish I could password reset and close this account because approximately every other month for years I get late payment notices, then impending cutoff notices, then cutoff notices, then “thank you for your payment your service has been restored” notices. It’s both sad and annoying and I finally just black-holed everything from boost mobile and hope I never decide to be their customer in the future because troubleshooting mail delivery problems when I’ve forgotten about this will drive me insane.
I have had this happen to me as well. It was pretty annoying. Somebody used my name for a Twitch account. I wanted to do things the 'right way' so I didn't verify the email, didn't log in and change their password -- I contacted customer support instead (mostly just to see how it would work -- I have a very unusual name, so this is a kind of rare event for me). It took them, I think, years to delete the thing.
I've never really been 100% sure if changing the password and logging in to delete the account would violate the CFAA. I mean nobody would have gone after me for a Twitch account anyway, and I'd definitely have felt moral deleting the thing, but the letter of the law...
If the only identifier on the account is your email address then:
- The account effectively belongs to you anyway.
- The person who created it isn't going to be able to recover it if they lose their password, better they know about this sooner than later by you locking them out.
I don't think the first one is actually obvious. An account was set up. It is on Twitch's computers, and it has a password designed to keep me out. Twitch thinks they have allowed in some other person (who's agreed to their licensing agreements, etc). It seems to me that I'd be circumventing their account system using the fact that I happen to control the password recovery mechanism.
I mean this is essentially silly, because almost certainly what has happened (given my weird name that nobody would normally stumble across) is that my email address has become listed in some database and somebody has decided to use it to sign up for services for shady reasons. So I'm not arguing that I couldn't have gotten away with it. Definitely I could have. But I think it is an interesting reflection on these signup systems and how they might interact with the CFAA, that this weird situation can occur.
If you still get emails from them you can open the email source on GMail and see where the email was originally sent to (the full address) with all dots and +x addition in it.
> This is going to prove wildly unpopular but I just reset the password using the email
As someone who has done this too, I wouldn't be surprised if it violates some misuse of computers act - but I'd rather that than be responsible for the security of someone else's finances
They can make a new one with their own email if it’s important.