Kent-based Welcome Faversham owner Sandeep Bains is one of six convenience retailers who have fallen victim to online theft after their social media pages were hacked. The hackers also tried to scam the shops’ Facebook followers by putting fake posts featuring dubious links on the stores’ social media pages.
The retailers all work with Empros Media, the exclusive marketing partner for Snappy Shopper, so when hackers broke into Empros Media director Fraser MacDonald’s account towards the end of last month, they then gained access to the retailers’ Facebook store pages and ad manager accounts and attempted to steal thousands of pounds.
The criminals took £600 from Sandeep’s account, before attempting larger amounts. His card issuer, Amex, then contacted Sandeep to request authorisation, which he swiftly refused. “The hackers tried to take … about £2,400 pounds in various payments, but thankfully Amex stopped that,” Sandeep told Convenience Store. “And then also that £600 that they took the first time around, they reversed that payment … We were lucky.”
MacDonald added that others had not been so fortunate. “Once they got into my account, obviously since I am an administrator on God knows how many retailers’ accounts, they [the criminals] obviously have a bit of a gold mine,” he said. “There are a couple of retailers that have had quite a substantial amount of money spent on their account. So yeah, we’re really trying to get it back for absolutely everyone.”
The stores’ Facebook followers were also under threat as the hackers posted fake adverts for items, such as backscratchers, featuring questionable links.
The hacked pages were temporarily closed by Facebook and customers were warned of the issue.
Every stores’ pages have since been reopened, apart from Sandeep’s, which is especially frustrating for him as he is currently undergoing a refit and needs to communicate what is happening with his followers.
“We’ve been off for about two weeks,” said Sandeep. “So it’s only Instagram that we’ve been able to use at the moment to communicate. Facebook is currently down, we’re hoping to get that back this week because we really need to start teasing first of all [about our new refit], [communicating] if we’re closing and then [telling followers] that we’re going to be reopening with all these exciting new things coming into store.”
MacDonald has been trying his utmost to get Facebook to unlock Sandeep’s store page, but it has been an uphill struggle. “This could have actually been something that was resolved almost immediately if Facebook actually had any inkling of real customer support,” he fumed. “I don’t know how many calls and emails I’ve had from them where they’ve essentially told me that it’s been investigated - wait 24/48 hours. And I get back in 48 hours because no one’s got back to me, and then they say no one was actually investigating this for some reason the ticket wasn’t raised.”
He contacted the Information Commissioner’s Office, and Citizens Advice, before finally asking Conservative MP John Lamont to reach out to the social media giant. “Essentially, we’re close to a resolution now because I’ve actually got in contact with a local MP, the MP whose constituency is based where my company is registered.”
He claimed that Facebook was also of little help with the thefts. “It’s all been a bit of a nightmare, so I had to tell everyone basically just to freeze their bank cards in the meantime, while we got this sorted,” he said. “But, again, this could have been something that Facebook could actually resolve immediately if they actually took anything seriously.”
MacDonald warned other retailers to minimise their chances of being hacked by ensuring they adopt the correct security procedures. “Setting up the two factor authentication is a massive thing,” he said. “That’s the very first thing we’ll make sure to do for people, just to just make sure everything’s as secure as possible. I don’t know how they [the hackers] got past ours, but in general 99% of the time it does help.”
Follow Sandeep’s refit journey here.
No comments yet