|
danrc
Original Poster
2,454 posts
79 months
|
Evening all, I'll try and keep this short, although I doubt i'll be able to. I found out that tonight, our holiday to Tobago for my best friends wedding in September is now in ruins. My brother, his wife, my wife and I made an enquiry through a website (Won't name it because I know it is not allowed per PH rules) on dates, availability etc. We recieved an email back saying it is and then the emails started between the 2 parties thrashing out the details. My brother and his wife handled the correspondance throughout. We got a rental agreement sent through and checked everything over. Once we were happy with the details we organised payment. The only way to send the money was a bank transfer (I know, I know)! I called the bank and tried to find out if there was a way to do this with some guarantee. There wasn't. (I just found that my brother spoke to the actual owner and she doesn't take credit cards either!). Fast forward to today - My brother got an email through today which worried us all. Copied below: [i] Dear Traveller, We are sending this notification to alert you that we have a security concern. This email address was recently used to send an enquiry on our site for a possible rental of the property listed above. We have reason to believe that this advertiser’s email account may have been breached and that the enquiry you submitted may have been intercepted. This unfortunate issue is commonly referred to as internet phishing. When we learned of this potential breach, we moved promptly to suspend the advertiser’s listings, and we are currently in the process of working with the advertiser to reinstate the advertiser’s listings on our site with a revised account. Once the listings are reactivated we will notify you, and you can then reinitiate contact with the advertiser through our enquiry system. At that time we will provide you with instructions to view the property again on our site. Please use caution making a payment for a deposit or rental of this property until this listing displays on our site again. As always, be careful about your means of payment and we advise against sending any payment details (such as credit card information) by email. As always, please feel free to contact us should you have any questions. Kind regards [i/] We called the number supplied with the email and got through to the owner. She admitted her pc and emails have been hacked. We were sent a rental agreement with her details (Changed bank details obviously) and all the details for cancellation/refunds etc. She found our original correspondence in her deleted items. Other than that, she has obviously never heard off us before. So, the crux of the matter. We're now down £1620 and have flights to Tobago booked with no accomodation at the other end. Are we in any way covered? The rental agreement says "carefree rental guarantee" stamped all over it but this may mean squat. See here: http://www.homeaway.com/guarantee/home.htmlIt seems to me woman who's email has been hacked is liable and should stump up. We went through the right channels, questioned with the bank if we could send this money more securely, and jumped through all the hoops. What are your thoughts? Any help on this is greatly appreciated as we are all absolutely gutted about this.
|
|
|
kaf
323 posts
16 months
|
You would appear to be screwed IMHO, the woman who had her e-mail account hacked cannot be held liable, she did nothing wrong.
I'm guessing you have asked the bank if they are able to reverse the transfer?
Caveat Emptor as they say.
|
|
|
danrc
Original Poster
2,454 posts
79 months
|
kaf said: You would appear to be screwed IMHO, the woman who had her e-mail account hacked cannot be held liable, she did nothing wrong.
I'm guessing you have asked the bank if they are able to reverse the transfer?
Caveat Emptor as they say. But is she not covered by her insurance? We applied through the correct website so as far as we were concerned we were in touch with her and have done nothing wrong. The emails we recieved even had her name on the form with all the details for the place. Does this count for nothing? I have, and they can't. The police have been contacted so they'll be getting all of the correspondance. I hope you're not right, I feel sick at the thought.
|
|
|
kaf
323 posts
16 months
|
If she is insured, it will probably be for her loss, not yours and in respect of monies actually paid to her.
I hope I'm wrong, but she has received nothing, has probably lost income and suffered grief as well.
You have both lost out, though it will no doubt hurt you more. I wish I could think of an easy solution, I wish you luck.
|
|
|
davepoth
19,927 posts
68 months
|
So you have the banking details for the account the money was sent to? Have you tried contacting that bank? And the police in the country that bank is based in?
|
Advertisement
|
|
|
Steffan
6,190 posts
97 months
|
I agree with all the suggestion to seek recompense.
Years of experience have convinced me that on the net and phone never ever pay cash or Bank Transfer unless you are prepared to risk the money.
I realise it is too late for the OP but the reality is that there are inherent risks in such transfers.
I am sorry for the OP but I do hope others will see the lesson.
Not everyone on the web is who they purport to be.
I do hope the OP recovers his money.
|
|
|
standardman
230 posts
37 months
|
I wonder if she would let you have it for free as a goodwill gesture ?.
Ultimately she probably has not followed good procedure with the security of her PC. Is it even available ?
|
|
|
poljot
24 posts
30 months
|
We came within a gnat's of being similarly stung a few weeks ago.....same website, property rental near Gerona, authentic looking rental agreement sent to us.....the only thing that flagged up our suspicions was the fact that the bank account we were supposed to send funds to didn't sound 'right' at all, in that it was an Asian-sounding name linked to a UK account - the website gave us the impression that the owners were Dutch.
Does 'sterental' ring any bells with you at all?
My wife did some digging and found an address and phone number linked to the name on the account. We passed those details on to the owners of the website - they weren't really interested. Whilst rooting around on the website, I found an American-owned property ad with an attached banner pointing out that the owner's account had been hacked and that any prospective renter should beware of contact from 'sterental' - I suspect that many more accounts may have been similarly breached.
None of this is particularly helpful to you, and you have our sympathies - if you're going to report it to the police and want the info that we have (of course, the address and phone number my wife found could just be a part of the hacker's web of deceit) drop me a PM.
Pete
|
|
|
bigandclever
6,362 posts
107 months
|
Re the Homeaway guarantee... I'm guessing this wasn't taken out? Because section 2(a)(i) seems to directly apply.
|
|
|
danrc
Original Poster
2,454 posts
79 months
|
Regarding the homeaway guarantee, we booked it through a website which has the cover. On our rental agreement this is stamped all over it so we are covered as far as I can see.
This is what was on our rental agreement:
General Program Guidelines.
You qualify for the Program if you do all of the following:
„h Find, inquire about, and rent a vacation rental property advertised in the HomeAway, Inc. community of websites servicing the market: HomeAway.com, VRBO.com, VacationRentals.com, A1Vacations.com, GreatRentals.com, Homeaway.com, and/or CyberRentals.com (collectively, "HomeAway" or the "HomeAway Sites")
„h IN ORDER TO BE ELIGIBLE FOR THE PROGRAM RENTAL PROPERTY MUST BE AN ACTIVE LISTING ON THE HOMEAWAY SITE AT THE TIME OF THE INQUIRE AND THE OWNER MUST BE REGISTRED WITH CAREFREE RENTAL GUARANTEE. In addition, your payment to the property owner or manager must be received via the payments method accepted on contract
„h Send money to the property owner or manager via direct bank transfer or wire bank transfer to secure the booking or reservation of the property. You will not be eligible if the payment has not been made to the owner or property manager
„h In case the Traveler request to apply the rental guarantee they must provide written proof of his or her identity (e.g., copy of passport, driver's license, etc.) as HomeAway may request in its sole discretion. Traveler must provide written proof that the subject property was listed on one of the HomeAway Sites. The reimbursement process cannot be requested before the Tenant contact Property owner or manager and request a refund, only in case where property owner or manager refuse to refund the Carefree Rental Guarantee can be applied. HomeAway will get in contact with both part and will try to solve the issue before applying the guarantee.
„h Restrictions and limitations set forth in these Terms, the Program provides up to ten thousand dollars ($10,000) in aggregate protection to Traveler against amounts actually paid by a Traveler to a property owner or manager for a rental property that is listed on a HomeAway
We did all of the above, so I hope to god we are covered. The reading of other peoples experiences of this scheme do not read well though.
I'll reply with more detail soon, I am currently trying my best to sort this mess and also get on with the day job.
thanks everyone.
Dan
|
|
|
darreni
1,472 posts
139 months
|
danrc said: Send money to the property owner or manager via direct bank transfer or wire bank transfer to secure the booking or reservation of the property. You will not be eligible if the payment has not been made to the owner or property manager This bit could be an issue as the money has not been sent to the owner? Good luck.
|
|
|
Stevenj214
4,941 posts
97 months
|
danrc said: „h Send money to the property owner or manager via direct bank transfer or wire bank transfer to secure the booking or reservation of the property. You will not be eligible if the payment has not been made to the owner or property manager Not wishing to rain on your parade but technically you did not do this. Hope it works out for you.
|
|
|
tvr wife
105 posts
50 months
|
Dumb question I know but does your debit card have a visa sign on it?
I was caught a few years ago and didn't think I had a leg to stand on as I had paid by debit card (not credit). A solicitor pointed out to me that the visa sign on the card still meant I was covered and I did manage to get my money back directly from the bank.
I know with your situation being a bank transfer it might be different but is it worth asking the question?
Good luck
|
|
|
voyds9
4,068 posts
152 months
|
Sounds to me as if the rental site was hacked and not the property owners email, if several properties have been done at about the same time.
|
|
|
danrc
Original Poster
2,454 posts
79 months
|
Stevenj214 said: Not wishing to rain on your parade but technically you did not do this. Hope it works out for you. Do you mean because it was sent to the phishers rather than the owner? Surely this is the whole point of the phishing cover on the website?
|
|
|
danrc
Original Poster
2,454 posts
79 months
|
tvr wife said: Dumb question I know but does your debit card have a visa sign on it?
I was caught a few years ago and didn't think I had a leg to stand on as I had paid by debit card (not credit). A solicitor pointed out to me that the visa sign on the card still meant I was covered and I did manage to get my money back directly from the bank.
I know with your situation being a bank transfer it might be different but is it worth asking the question?
Good luck It does. My bank card is a visa debit card. I don't know if this still applies though as I paid with a bank transfer rather than with my actual card. Thanks again for everyones input.
|
|
|
Decky_Q
788 posts
46 months
|
I would be pushing that the owner should allow you the use of the property without any further payment, her security was hacked so it would only be good manners that she offer to try to right the wrong when she has the power to do so without spending very much (bar lost earnings from taking a 2nd booking), really hope you get sorted, also Id check what legal cover you have on your home insurance.
|
|
|
danrc
Original Poster
2,454 posts
79 months
|
I will try and answer everyone's questions here: kaf said: If she is insured, it will probably be for her loss, not yours and in respect of monies actually paid to her.
I hope I'm wrong, but she has received nothing, has probably lost income and suffered grief as well.
You have both lost out, though it will no doubt hurt you more. I wish I could think of an easy solution, I wish you luck. Thank you. I am going to try and press her, and the website we booked through more to see if there is any way they can help. I am not going to hold my breath though. davepoth said: So you have the banking details for the account the money was sent to? Have you tried contacting that bank? And the police in the country that bank is based in? I have the details but have not been in touch with them - yet. The bank account is in the UK and I am waiting for the police to get back in touch with me. I am also going to get in touch with the police in Tobago through a friend who has family there. Steffan said: I agree with all the suggestion to seek recompense.
Years of experience have convinced me that on the net and phone never ever pay cash or Bank Transfer unless you are prepared to risk the money.
I realise it is too late for the OP but the reality is that there are inherent risks in such transfers.
I am sorry for the OP but I do hope others will see the lesson.
Not everyone on the web is who they purport to be.
I do hope the OP recovers his money. Agreed. It's a very hard lesson and is still hurting. I hope others see this and never repeat what has happened. standardman said: I wonder if she would let you have it for free as a goodwill gesture ?.
Ultimately she probably has not followed good procedure with the security of her PC. Is it even available ? This is what I am hoping, but I doubt it. I am going to contact her directly and see what she says. We followed the booking to the letter and as far as I am concerned, the fault is with her email system. I doubt this is a legal standpoint but it's certainly a moral one. poljot said: We came within a gnat's of being similarly stung a few weeks ago.....same website, property rental near Gerona, authentic looking rental agreement sent to us.....the only thing that flagged up our suspicions was the fact that the bank account we were supposed to send funds to didn't sound 'right' at all, in that it was an Asian-sounding name linked to a UK account - the website gave us the impression that the owners were Dutch.
Does 'sterental' ring any bells with you at all?
My wife did some digging and found an address and phone number linked to the name on the account. We passed those details on to the owners of the website - they weren't really interested. Whilst rooting around on the website, I found an American-owned property ad with an attached banner pointing out that the owner's account had been hacked and that any prospective renter should beware of contact from 'sterental' - I suspect that many more accounts may have been similarly breached.
None of this is particularly helpful to you, and you have our sympathies - if you're going to report it to the police and want the info that we have (of course, the address and phone number my wife found could just be a part of the hacker's web of deceit) drop me a PM.
Pete sterental doesn't ring any bells. On the form the name was Petrescu Clean. i may well drop you a pm. thanks for letting me know and for taking the time to reply. voyds9 said: Sounds to me as if the rental site was hacked and not the property owners email, if several properties have been done at about the same time. As far as I can tell, it is definately the owners email that has been hit. The hackers have intercepted the email which is sent from the website to the owner. What they have done is hacked the owners pc and taken over her email. They have access to her documents too as they sent us a rental agreement from her pc. The owner found all correspondance from the hackers in her deleted items in her email.
|
|
|
fyfe
57 posts
14 months
|
Have you spoken to the website that originally initiated the contact? The one who sent you the advisory note. I would personally be interested in how they established that the vendors email account had been affected. When you spoke to her was she aware of the fact that her PC had been "hacked"? Was contact initiated through an actual email address (you sent an email from your email software to something@somewhere.com) or through an online form on the listings site?
As mentioned previously, the odds of someone compromising the email accounts of multiple vendors on the same site is slim - even when considering the fact that the holiday rental business is potentially a rich vein given the payment approaches often taken.
|
|
|
danrc
Original Poster
2,454 posts
79 months
|
fyfe said: Have you spoken to the website that originally initiated the contact? The one who sent you the advisory note. I would personally be interested in how they established that the vendors email account had been affected. When you spoke to her was she aware of the fact that her PC had been "hacked"? Was contact initiated through an actual email address (you sent an email from your email software to something@somewhere.com) or through an online form on the listings site?
As mentioned previously, the odds of someone compromising the email accounts of multiple vendors on the same site is slim - even when considering the fact that the holiday rental business is potentially a rich vein given the payment approaches often taken. I have not, but my brother has. It was him and his wife that did the initial enquiry and further emails between the "owner" and us. I am interested in this also, so am going to call them. She was aware yes, I am asuming (will need to speak to her directly) that it was her that alerted the company. We sent the initial email to her through the website as a listing. This listing has now been taken down.
|
|
