Got an email from a bank saying my account has been put in a restricted state because they have been unable to reach me. Their emails reach me fine. They rarely send paper mail but when they do I can see that they have the correct address on file.

Then I looked closer at their email, examined the HTML, and found that they insert a tracker pixel in their messages. So if I were to use a graphical mail client with default configs, they would surreptitiously get a signal telling them my IP (thus whereabouts) and time of day every time I open my email from them. I use a text client so the tracker pixels get ignored.

Would a bank conclude from lack of tracker pixels signals that they are not reaching a customer, and then lock down their account?

I’m not going to call them and ask… fuck them for interrupting my day and making me dance. I don’t lick boots like that. I just wonder if anyone else who does not trigger tracker pixels has encountered this situation.

  • sunzu2
    link
    fedilink
    31 hour ago

    I don’t lick boots like that.

    🫡

    I just wonder if anyone else who does not trigger tracker pixels has encountered this situation.

    Not quite this bad but i won’t load their shiti trackers either and I have been notified that “is your email still active, we noticed you never open our mail”

    These creeps have no shame…

    You need to cancel your account and tell them why. Deny the parasite profit.

  • @[email protected]
    link
    fedilink
    53 hours ago

    I never even open emails from my credit union, the few I get.

    Change banks. Move to a credit union.

    I save $500/year in fees because I have multiple accounts and banks change for that.

    My credit union doesn’t care. Everything works the same, still have an app if I want, can do balance checks and transfers via text (and if I’m Sim-jacked, that’s disabled, I’ve tested it).

    If they see unusual transactions I’ll get a text and a phone call. I then call the number I have (not the one they give me) or login via the website (which uses 2 verification mechanisms).

  • @[email protected]
    link
    fedilink
    English
    6
    edit-2
    5 hours ago

    If there’s actually a problem with your account, and you ignore it, the only thing you’re accomplishing is putting any money you have in that account at risk. Why are you so bothered by your bank sending you an email using extremely common informatics technology, especially after you already planned for this and literally aren’t sending them any of the data you’re concerned about? Try calling them

  • @neatchee
    link
    219 hours ago

    There are so many ways these trackers can break and they are almost always anonymised as aggregate metadata anyway by the tracking service

    It is far more likely that they have been trying to call you or have expected some kind of response to the mail they are sending but have not received any contact from you in a long time

    • @[email protected]OPM
      link
      fedilink
      39 hours ago

      Can you explain why they would want to anonymise the tracker pixels? Doesn’t that defeat the purpose?

      • @[email protected]
        link
        fedilink
        77 hours ago

        One simple one is tracking how many people open an email. This is a really useful metric in of itself.

        • @[email protected]OPM
          link
          fedilink
          4
          edit-2
          5 hours ago

          I did not think of the marketing angle – although even then, knowing the times that each individual opens their mail and their location has value for personalized marketing.

          We are talking about banks in the case at hand. It’s unclear how many people have not come to the realization that bankers are now doing the job of cops. KYC/AML. In this particular sector, anonymization is unlikely. Banks have no limits on their snooping. They have a blank check and no consequences for overcollection. No restraint. When they get breached, they just sign people up for credit monitoring and any overcollection has the immunity of KYC law.

          At best, perhaps a marketing division would choose some canned bulk mailing service which happens to give them low resolution on engagement. But even that’s a stretch because anyone in the marketing business also wants to market their own service as making the most of data collection.

          • @coolkicks
            link
            English
            12 hours ago

            I’ve done quite a bit of work implementing abandoned property analytics and escheatment processes at multiple large finance firms, and marketing engagement isn’t part of the criteria.

            Banks want to keep your money at all costs, so even seeing that an email didn’t bounce back is enough of a sign of life to try to justify not escheating your assets to the state, which is part of the reason why marketing data isn’t part of the criteria.

      • @[email protected]
        link
        fedilink
        48 hours ago

        I don’t think most do and for sure don’t trust them and block them.

        But they’re also used to judge campaigns. You take a random, small subset of your mailing list, and a/b test by sending half one email and half a different email. The tracking pixels give you a good approximation of which gets more people to read it, and you use that headline for the rest of the list. You can also do the same thing just to generally keep an eye on what types of messages work best, etc.

        But fuck them, I’m not giving up privacy I can protect.

    • @[email protected]OPM
      link
      fedilink
      38 hours ago

      No that’s not it. My address is unique to the bank, full headers & path match up with other mail from them, and the means to reach them back correct (yes I examine every character for imposters using od -c).

  • @panicnow
    link
    17 minutes ago

    Apple’s mail client messes with tracking pixels and has for a few years now, but I have never seen had an issue from that. But I only use a handful of financial institutions so it might not be representative.

    In Apple’s implementation, the tracking pixels are all fetched at the server level so every tracking pixels fires as soon as the email hits the server regardless of whether I ever open the email. This is a different take on breaking the tracking than what you are doing, so it might result in a different outcome.