(CNS): Following recent warnings by the RCIPS Financial Crime Unit over bank scams one local charter boat operator is also warning fellow business owners that cyber attacks can be very real and very damaging. Dwight Ebanks, who owns Reel-esea Charters, told CNS that following what one of his staff members believed to be a genuine security notice from Yahoo asking for verification of his account’s user-name and password, the business online details were revealed. He said that as a result of a genuine mistake hackers have now taken full control of the company website and email accounts causing untold problems for his business.
Ebanks said that the scam email appeared very genuine to his member of staff who believed that Yahoo was making a legitimate request for the information as there was a real problem and the staff member made an honest mistake when they revealed the details of the company’s user details including the password.
“The scammers have now hacked into all my online business websites and email accounts, even the Facebook pages,” he said. “They are using my address to send requests for money to all of the people in my email address book saying I’m stuck in a hotel in Edinburgh and need people to send me money, which is of course not true.”
Ebanks said he wanted to warn other local businesses to make sure that they don’t give out their usernames and passwords to anyone, no matter how official it may look, and to warn all their staff about the potential scams as they are out there and that your business can be vulnerable.
“These scams are no joke. They have control of my email and my website. They’ve changed the password and all the security questions and even Yahoo can’t help as they point out there is no way for me to prove who I am so they can’t close the account. I want to warn other business not to give details to anyone no matter how authentic or genuine the request seems.”
Earlier this week the Financial Crime Unit warned the public not to give out bank information over the phone or via e-mail after two potential scamming incidents were reported to them on Tuesday 4 May.
The potential victims had received calls from a man claiming to be phoning from a UK bank. The man stated that someone they know was in the UK and needed additional money. He then asked the person he had called to divulge their bank details. The people who received the calls refused to give out details and made a police report.
Detective Chief Inspector Claudia Brady of the RCIPS Financial Crime Unit warned people to be vigilant when asked for bank details. “Never give out personal or banking details over the phone or via e-mail,” she said. “A genuine bank would never ask for this information therefore my advice to anyone who receives such a call is to refuse to give out details and immediately call the police.”
Anyone with any information is asked to call the Financial Crime Unit on 949-8797.
Sorry but anyone expecially an employee with basic computer skills and an ounce of common sense should know that it is a NO NO to divulge company information. XXXX
Three simple but telling observations here:
1. You used the same passwords for ALL these accounts? S-T-U-P-I-D!
2. You allowed an employee to respond to an obvious phishing scam – about which even the most newbie ‘net user is aware? S-……..
3. You are using a Yahoo account for BUSINESS? This is a violation of the basic TOS for Yahoo, and THAT is probably why they will not assist you! Anyone using a FREE e-mail account for BUSINESS is a real FOOL!
Suggestions:
Get a professional website hosting account (about US $75.00/year) and keep the access secure and confidential. Get a PAID e-mail account (about US $33.00/year – and with 20 ‘alias’ addresses included for *FREE*). Hey – No ads inserted into all of your e-mails (unless YOU insert them)!
You could have avoided all of these problems for less than CI $100.00 and been far more secure with just these common sense suggestions alone.
Gonna do business? Be BUSINESS LIKE and not so doggone CHEAP! This will be costing you 10s to 100’s of times these legitimate business costs and MUCH embarrassment. All of this could have been avoided with a little education and a very small annual expense!
I agree that using a yahoo mail account for business purposes is a little unprofessional, but not all people know about phishing scams. And the business owner may have had different passwords for each account. As you probably know, on many sites such as facebook, if you forget your user name you can request it be sent to your email address. So they probably got his other passwords and account information this way.
I agree, he should have been more careful. But don’t be too quick to judge…cause hindsight is 20/20.
Come on people this is the most basic of errors. People without the common sense to see phishing attacks like these are not competent enough to be working on computers.
It’s the same halfwits that believe it every time they get an email saying they won $100m in the Nigerian lottery or their cousin was run over in nigeria and left them a fortune etc etc.
All email providers and internet servers keep reminding us not to respond to these stupid emails and only to enter passwords or details on any sites if we have gone directly to the website by keying the link. I’m sorry but people that are STILL do dumb to understand this get everything they deserve.
Sorry to be harsh but it’s completely true.
If the web domain is a *.ky, he can get it back – call ICTA and they will restore it to resident control.
He’ll have to contact Facebook about the hacked profile: http://www.facebook.com/help/?topic=security
Poor guy. I hope he gets some resolution to this quickly!
Not only YAHOO but HOTMAIL is asking for the same information passcode, address, etc of your account. The actual email looks very very real like it is really from Hotmail. The warning bells went off when they asked for your password.
YUP…
WHEN IT COMES TO PERSONAL INFORMATION.
I know alot of people using FACEBOOK! That is a very dangerous site which alot of people are now placing their photos and family information on. I was shock the other day when I saw my wedding pics on FACEBOOK because someone else decided to upload their enture album of pictures on it.
Read it in the news, FACEBOOK is becoming a target by scammers!
Facebook is a social media "Tool". Like any tool – learn how to use it safely.
Think of a password like a key to your house — don’t give them to anyone, change them regularly, and make them difficult to guess. If it is a business related account, keep it even more secure. I would recommend having one person in charge of the account and they better be responsible.
BTW — those pictures may have contained something about you but they were someone else’s property to do with as they saw fit. Camera’s seem to be a bigger problem, you never know when someone might catch a compromising incident in a photo!