A hairdresser has revealed her terrifying ordeal after hackers stole her customers’ money and data before taunting her with creepy and threatening emails, even claiming they could see her through her own mobile phone camera.
Brooke Cleall owns Zazu Hair Salon in Brisbane and had been receiving a string of texts and emails from a payment app she uses to charge clients – all after hackers simply got hold of her email address and phone number.
She was inundated with messages saying there had been attempts to change her password before the hacker got access to her customers’ information.
The cyber criminals then sent Ms Cleall frightening messages with promises to keep stealing her data and fleecing her loyal customers – stealing thousands of dollars.
‘I have already taken over your emails and phone number and banking b*tch,’ an email from one of the hackers read.
‘I see all. Fear me we are coming… I’m also listening to all of your phone calls.’
Brooke Cleall owns Zazu Hair Salon in Brisbane (pictured) and had been receiving a string of texts and emails from a payment app she uses to charge clients that the hackers infiltrated
PROTECT YOUR ACCOUNT FROM HACKERS
- Always use two-factor authentication with either a text message or code generator to log in
- Use a secure password for every account with capital letters, numbers and symbols
- Do not click on suspicious looking emails even from recognisable sources
- Government organisations will not ask for personal details in text messages and emails
- Report any suspicious activity immediately to your bank or appropriate companies
Ms Cleall said the early warning signs came when she received messages that she told her someone had tried to change the password on her GetTimely booking app.
She then quickly received notifications she had made transfers to the hackers, with the criminals now in full control of her information.
‘They literally just need your email and password and they can hack all your client’s data,’ the salon owner told A Current Affair.
The hackers began taunting Ms Cleall, sending her threatening emails and writing swear words across her computer’s screen saver.
‘That was horrible, that’s what I woke up to the next morning. Absolutely horrible,’ she said.
The hackers would go on to steal $2,000 from Ms Cleall and another $6,000 from her clients, simply by obtaining her email address and phone number.
‘I was just in panic mode, I straight away went to police,’ she said. ‘No one could help me.’
One of her customers said she found two emails in her inbox invoicing nearly $1,000.
‘I thought something was strange quite quickly and let Brooke know and she told me they had been hacked,’ Jacinta Bullock said.
The hackers began taunting Ms Cleall, sending her threatening emails and writing swear words across her computer’s screen saver – and even saying they could see her through her phone camera
‘They literally just need your email and password and they can hack all your client’s data,’ the salon owner (pictured)
Ms Bullock had her money refunded by her bank after reporting the suspicious transactions, but was forced to get a new credit card and set up all her direct debits all over again.
‘They (hackers) have no regard for the damage that this is doing to businesses, their reputations and to the end user in customers,’ she said.
‘Honestly I think they’re probably scum.’
A cyber security expert at Griffith University told the program there has been an increase in ‘homegrown hackers’ and that people can prevent intrusions with simple preventions.
He said two-factor authentication, requiring a text message to your phone or a code from a code generator app, can help safeguard your accounts.
Ms Cleall’s Zazu Salon (pictured) lost $2,000 with clients losing more than $6,000 combined as the hackers illegaly charged people invoices for fake appointments
The cyber criminals then sent Ms Cleall frightening messages with promises to keep stealing her data and her customers’ money (stock image)
‘It’s becoming quite easy to get the tools, you buy them from the dark web and have everything they need to launch a ransomware attack,’ Dr David Tuffley said.
Ms Cleall did not have two-factor authentication on her GetTimely booking app and also had an insecure password, lacking numbers and different symbols.
Cyber security expert Dr David Tuffley from Griffith University said hackers have traditionally targeted us from overseas but we’re now seeing a spike in ‘homegrown hackers’ within Australia.