http://www.northernadvocate.co.nz/lo
calnews/storydisplay.cfm?storyid=3690082
By Craig Borley
26.06.2006
Internet fraud has hit a Whangarei bookshop owner, leaving
his web
site suspended and his business' future in the balance.
Dennis Scoles, of Oceania Books, said his business earned a
third of
its income from on-line sales.
But a computer hacker has targeted Mr Scoles' site, meaning
customers
trying to pay for books via his PayPal link were actually
paying the
hacker.
Mr Scoles' PayPal page was replaced by a fake, with a link
to a
different bank account.
All this came as a shock to Mr Scoles, who said the incident
was hard
to understand.
"We didn't have them (computers) at school in my day,
so I had nothing
to do with them. I know nothing about IT, I was just a book
collector.
I just feel sick, like I've been involved in a
crime."
He has now invested in a firewall program intended to block
hackers
but Quentin Donald, owner of Mr Scoles' Internet service
provider
Acute Systems, said no blame lay with Mr Scoles.
"It has nothing to do with his computer at all, as I
understand."
He said Mr Scoles' website used an osCommerce system for
online
payments - one of the world's most common forms of on-line
shopping.
He said it appeared someone had figured out a way to
"get in the back
door" of that system.
Mr Donald believed there were some 30,000 websites using
osCommerce,
most of which were too small to be attractive to hackers.
Because hackers tend to go for the big fish, he said,
"the general guy
in the corner shop doesn't have to worry".
But Mr Scoles may have attracted the hacker's attention
because of the
sheer size of his site. It included information and
photographs of
some 1000 books.
"I'd been staying up nights, loading it all on, and
it was only just
starting to pick up."
But as investigations continue Mr Scoles' website has been
suspended,
causing him concern that future shoppers will be put off.
He had planned moving his business to Internet-only by the
time he
retired but now he's not so sure.
"I have to seriously think about whether I want to
continue on-line.
It's a lesson that should be passed on to all businesses
thinking
about doing this."
Mr Donald said this lesson was a cruel one, due to its
rarity and
people's inability to protect themselves against it.
© APN News & Media Ltd 2006.
_________________________________
Attend the Black Hat Briefings and
Training, Las Vegas July 29 - August 3
2,500+ international security experts from 40 nations,
10 tracks, no vendor pitches.
www.blackhat.com
|