Re: Refund
So you never do technical research, looking at white papers, on-line shopping, use webmail services etc.
And you never, ever access a new site when it's been recommended by a friend / colleague?
I worked on a project some years ago where the new corporate web site design had been commissioned via a very trendy agency and hidden away on the credits page was a link to a hacker site. It turned out the agency had subcontracted the build work and the end contractor was a 'grey hat' he funded his lifestyle by doing web dev tasks but performed what he considered ethical hacking. I never did find out his view on the cooperation I was working for and as he had been engaged by the Marketing Department my efforts to get his code removed from the web site cane to nothing.
Any web site is only as secure as the last dev who performed an update or maintenance. Devs can be malicious players or ma just not have security at the fore when they are under pressure.