Constant Contact

Hay maaate!!...


“ Hay maaate! I am from the ABC company. We understand that you do the web site for the XYZ resort. We need you to give us the access keys to their server so we can do some work on it. The owner has entered into an agreement with us and we need this information from you.”

That was the start to the conversation when I answered the phone. Yes, I indeed did the web site but had received no advice or instructions from the owner regarding anything he wanted done or authorizing me to divulge such vital information. And yes, I’m withholding names because the matter may be sub-judicy

So what was the work that they wanted to do? “We are going to set up a mailing list program so that he can mail out things like newsletters and other marketing material and automatically collect the email addresses from his web site.” To reassure me I was told that they really needed to change some existing code so that people could enter their email details and then to also ensure that a copy of this information was forwarded to them. I was told they were from the foremost IT company working specifically for the tourism industry on the coast and were well known. All this obviously to lull me into a false sense of security.

Curious, because all the features referred to were already in existence on the web site and why would they want a copy of all the email addresses. Well, they did not know about the first bit but anyway, it was too late as my client had already signed up and paid them the money. They needed copies of mail details so they could monitor the site. Monitor if for what? Nothing for me to worry about so I’d better just provide the necessary information and not concern myself any further. This time the tone was no longer as “matey” and sounded quite threatening.

There was no way I would divulge server access information to a third party without very clear instruction from my client. With that information the site could become the property of anyone, could be moved to another server and could be changed to whatever somebody else wanted it to be. And you may recall that several years ago I wrote about just such an occurrence which finished up costing my then client quite dearly.

A ‘phone call to my present client was somewhat enlightening. Yes, he had discussed the mail out feature with some people but not paid any money. No, he was not sure of their identity; they did not even have a business card and only left him an unlisted telephone number. The details of the offer were also spectacular. For $990 they would set up a mailing list and for a further $120 per month thereafter send out your newsletters. He had forgotten that the mailing list feature existed on his web site but recalled something about it now. More worrying was that he was not too sure who he was dealing with. Well, at least no damage had been done to date I thought. So I explained his facilities again and once more provided him with the necessary information for him to make things work as intended.

I felt it was urgent and important to draw your attention once again to this type of scam doing the rounds once more despite the many warnings published over the years in this magazine and in the press. What makes it such a huge rip-off is that you can get these services for free on the web if you so wish. But why would they want the email data also sent to them? The answer to that was too easy.

Collect lots of these and you very quickly build up a substantial mailing list to be sold to marketeering companies for tidy sums. The ABC name could also not be found in that style on the web or any web registrar’s listings, an unusual omission for an IT company today.. A company search did reveal their existence and the fact that they had recently changed their name. That was the end of that I thought. Not so! The phone rang again and the same voice but in a more confronting tone demanded to know whether I was ready to provide the required information. In the same breath I was also told that there was a serious error on one of the web pages and they thought they would just warn me before ringing my client. That last threat was quite reassuring because they were looking for ways to bluff their way into the web site. If they had searched my code more thoroughly they would have discovered that what they thought was an error was indeed quite deliberate on my part. They did think their threat would coerce me into divulging information. Normally I would have had a good laugh but these tactics were far too serious for that.

Speaking with my client a few days later I was advised that our new friends were now quite threatening and insisted that he pay them for all the work they had performed and that he had better provide all the server details or else they would go to the police. What work performed where? I suggested my client tell them politely what to do and advise them that he was quite prepared to put the matter in the hands of Consumer Affairs and indeed ASIC if they would be good enough to provide their identity details..

We are still awaiting the outcome of all this to see where the final curtain falls and will let you know. If your server does not cater for these features come and ask me. I use free software which does all the mail outs I need and is childishly simple to use.

If you use servers I am familiar with to set all this up would cost approximately $200 per year more than your current commitment. If you really wanted a mail out facility with all the bells and whistles a further $180 would acquire the software. A far cry from the rates demanded by our opportunists.

Now for some stern advice once again . Never, never divulge server or domain details to anybody unless there is a real need for them to know and you trust them. This information is as important to you as the title deeds to your house. If, for some reason you want to take advantage of third party server features firstly discuss this with your webmaster. Secondly, if code changes or additions have to be made then have that code provided to your webmaster so that he may make the changes without you having to divulge vital information to outsiders.

Do not, under any circumstances, give access to your server to anybody but your webmaster and yourself. Besides the obvious “rip-off” aspects you could finish up loosing your commercial identity and pay dearly to recover your position and property .

Cybercons provides a comprehensive range of services for business Internet, intranet, and specialised software. For further information on any of these services available please contact us.

Quality web design and software solutions
www.cybercons.org

HOME | ABOUT US | SERVICES | WEB DESIGN |MULTIMEDIA |HOSTING | EMAIL |SOFTWARE |SITE MANAGEMENT | TRAINING|DOMAIN SERVICE |OUR CLIENTS | FREE | ARTICLES | CONTACT |

Site designed and maintained by Cybercons © 1998 :Page was last updated on: