Internet security isn't just for credit card companies and major retailers.
As more of the world's business is done over the internet, protecting your online presence is a consideration that even small town Main Street needs to be aware of.
"I always figured it would be a bigger business," said Guyla Pohlman, owner of The Wood Cellar in Hampton.
Pohlman has learned the hard way that size doesn't matter when it comes to internet security. While breaches into major retailers and financial institutions may make big headlines, small town shops are not immune to cyber-vandalism. In this case, that means loss of control of The Wood Cellar's official Facebook page.
On February 12, Pohlman received an automated e-mail from Facebook informing her that she'd been removed as an administrator on her business page. While Pohlman herself had two-factor authentication activated on her personal Facebook account, one of her employees did not.
It's not known how the online miscreant was able to gain access to the employee's account. A careless click on an unsecured link or a errant log-in prompt is all it takes for your username and password to be exposed. Whatever the method though, it created an opening that allowed the hijacker access to not just that employee's personal page, but gave them the full run of The Wood Cellar's page as well.
Because the employee also had administrative access to the page, the hijacker was able to add their own (presumably fake) account as an administrator and boot out everybody else.
Since then, Pohlman has been unable to post on her business page, leaving many of her 4,000 followers in the dark about the situation.
Pohlman says Facebook accounts for a significant portion of her business, with customers from around the country using the page to keep up on her latest wares. Without access to her business page she is not only unable to advertise her products or communicate with customers, she can't even get the word out that she's lost control.
To an out-of-state customer, The Wood Celler's Facebook page has simply been inactive since February 10.
Which in itself is a mixed blessing. Outside of posting a short video featuring an image of Pohlman's dog, the hijacker has largely kept their hands off of the page. Posts haven't been deleted and the hijacker has refrained from posting obscene material.
Still, Pohlman would very much like her page back. While making a new page is technically possible, it would mean building a decade's worth of followers over from scratch.
"You can't just start a new page. It takes years," said Pohlman. "Hopefully I'll get it back."
To that end, Pohlman has enlisted the aid of Patrick Palmer, a local computer repairman. Palmer made contact with the hijacker over Facebook Messenger asking them to return control of the page to Pohlman and received a ransom demand of $500 in bitcoin in response.
With no assurance that the hijacker would return the page once the ransom was paid, Palmer has opted to contact Facebook directly, working to convince them to restore the page to its rightful owner. This in itself is a time-consuming process as Facebook requires ample documentation to prove legitimate ownership before they will intervene.
While it's possible that Pohlman may regain access to her page eventually, the incident will be a wake-up call to how she handles cyber security in the future.
"Make sure that you have two-factor authentication and change your passwords often," said Pohlman.
Two-factor authentication is an extra layer of security that many web services use to prevent unauthorized access. Once set-up, any attempt to log-in from an unrecognized device will cause a randomly generated code to be sent to the user's phone or e-mail. That code will be needed in order to continue, so even if your password is compromised a potential hijacker won't be able to get in unless they also have access to your phone or e-mail.
"Everybody who is part of a business page needs to activate two-factor authentication," says Palmer.
