Marigot St. Lucia, a new scam
CSSN has received a first-hand account from a cruiser anchored In Marigot Bay, St. Lucia.
It was a particularly windy day on Saturday, December 10, 2016. After a strong burst a cruiser looked topside to check if anyone was dragging, and noticed a boat in front that was, and its crew was obviously not onboard. He jumped in his dinghy and got the attention of another nearby cruiser and they were able to tie the dragging yacht to, and then haul it up close, on a nearby mooring. An hour later he noticed the owners had returned and were sorting out the slack anchor chain. He went over to explain what had occurred and in conversation learned that a local (who was nowhere to be seen while they were securing the boat) had come by demanding money for “saving” the boat. The owner gave him what he described as “a lot of money.” Someone was quick to monetize another’s misfortune while providing no assistance.
CSSN NOTE: There have been 4 incidents of theft and attempted theft reported to CSSN so far this year, both inside and outside the lagoon in Marigot Bay, St. Lucia. The most recent in November (LINK HERE). When reported to local authorities the police indicated to the victims that the “problem in Marigot happens a lot” and offer no indication of any plan to change things. It seems some there are in fact keeping a close watch, but likely not with cruiser interests in mind.
CSSN SPECIAL REPORT – Cyber-Crime Scams Against Yachts in the Caribbean – February 2016
During 2015, CSSN received reports of internet scammers who were preying on cruisers by intercepting marina reservations and bookings communications and luring cruisers to the scammers email, then asking for money to secure a (nonexistent) reservation via bank (wire) transfer. It has been reported that several thousand dollars have been lost. A CSSN investigative team has confirmed the scam by engaging directly with the scammers and collecting their email communications and bank information and then passing that information back to the victims so they can engage and inform the proper authorities.
What has happened:
The scammers inserted a bogus email address in an online directory listing for marinas. They also directly hacked a marina website that was not properly secured.
Originally the scammers were able to hack a marina’s email account , and insert their own contact information because the marina’s website was not well secured. Free accounts (hotmail, yahoo, gmail) when used with hackable passwords are easy to infiltrate and impersonate.
Anyone who contacted the marina using the directory service listed email link or the hacked website and hotmail account were actually communicating with the scammers, who then began emailing with the potential client.
The scammers were convincing. To build credibility and gain trust they appeared to have first hand knowledge of the marina, its published rates, the marina layout, how marinas operate in general and specifically how the target marina operates. They also provided local/regional knowledge and offered other additional services for a fee. In some cases, the scammers also “appropriated” the names of the marina owners, or others, and at other times they used invented names.
When the target asked for rates and availability of a slip, the information was provided in a credible way, and then a deposit or total prepaid amount was requested.
The target was only given one option to pay, which was by direct bank (wire) transfer. The scammers supplied a routing number, account number and account name. At different times the scammers provided details for three different bank accounts in the USA, UK and Europe.
The target then paid by wire transfer, received confirmation from their bank, and was provided assurances via email (from the scammer) that all was paid and awaiting their arrival.
The target arrived to find there was no slip available, no reservation and no knowledge of their arrival and intended stay. Relations between the the target and the marina became strained, yet both were victims of the same scam.
The target contacts the bogus email address (again) and asked for a refund.
The target was then asked to send additional money to cover the refund process and other expenses, and promised that when the money was received that they would receive a complete refund. A bank routing number and account number were provided for the second bank wire transfer payment.
If the target has by now not realized they have been scammed, they send more money and receive no refund.
How we caught them:
CSSN was aware of three victims. The victim that provided first hand information arrived at the marina to find that no reservation(s) had been made and no payment received. They were out a whole season’s slip fees as well as the shock and inconvenience of no place to land. (there were at least two other similar victims reported by credible sources – total loss about 3,0000 USD and counting)
The victims informed credible cruiser associations and trusted individuals of the problems .
An investigation by cruiser professionals who were knowledgeable about how to investigate and report cyber crime against yachts and CSSN was launched.
CSSN’s webmaster partnered with these technically competent and hacker savvy cruisers to reconstruct the cyber crime events and make this report.
What has changed since the investigations began:
The email address for one of the marina(s), and their website is now more secure. Free email accounts are no longer used. Emails now use their registered domain name – like firstname.lastname@example.org
However, reservations are still taken by email – but it is an email attached to their website domain name which is less vulnerable to hacker attacks.
The marina’s website now clearly accepts credit cards and does not offer the bank (wire) transfer option
What is still a threat to cruisers and marinas:
These particular scammers are still active. The original local “directory listing” for the marina still shows the scammers’ email address. Also, some crowd sourced cruiser information sites still list an insecure email address. So beware of links contained in internet “directories”, locate the correct and authentic site using other means (GOOGLE), or trusted listings for marinas and other services.
Many businesses that serve cruisers still use free email services, and use free website providers for their websites. This is not recommended for sites that collect money or engage in any e-commerce activity, because of the ease with which these unpaid services can be compromised and scammed.
The crimes were reported to cyber crime agencies, but they have not taken any action.
Precautions you can take:
Use only reputable online directories from sources such as Noonsite, SSCA, and Cruiser Guide books to locate marinas and other services.
Recognize that businesses that use free email accounts as opposed to paid email services or email connected to a website domain or an email contact form are more vulnerable to having their emails diverted by scammers.
If you feel you have been scammed, report to the appropriate authorities listed below. (CSSN can not make reports on your behalf, only victims can make reports)
Don’t believe what you see: The site may have the logo or design of a legitimate hotel or booking site, but that can be easily copied from the real website.
Look out for fake contact info: Some consumers report calling the phone posted on a scam booking site to confirm its legitimacy. Scammers simply impersonated the front desk of the hotel.
Double check the URLs. Scammers pick URLs that look very similar to those of legitimate sites.
Always be sure to double check the URL before making a purchase. Be wary of sites that have the brand name as a subdomain of another URL (i.e. brandname.scamwebsite.com), part of a longer URL (i.e. companynamebooking.com) or use an unconventional top level domain (brandwebsite.net or brandwebsite.co)
Look for a secure connection. Make sure your personal information is being transmitted securely by ensuring the web address starts with “HTTPS” and has a lock icon.
Watch for too good to be true deals. Be sure to comparison shop and be suspicious of a site that has prices significantly lower than those listed elsewhere.
This report from a cruiser currently in Cartagena:
Sad to say but crime has reached us boaters here in Cartagena. There is a marine agent and a Customs officer that are extorting foreign vessels with a false tourist visa scheme. The agent will take your boat papers and wait until there are only 2 days (from 7) left on the time to apply for a temporary importation that all foreign vessels must do if they plan to stay in Colombian waters for more than a few days. At that time they (the agent and the Customs guy) tell the captain that they cannot do the temporary importation because the Captain needs to have a tourist visa for 180 days (which is not doable as immigration will only give tourists 90 days at a time if they come by air or sea) or the boat must leave Colombia. (It takes over a week to get any visa from the Colombian Foreign Ministry. The 180 day tourist visa is available from Colombian embassies and consulates OUTSIDE Colombia).
They put all kinds of pressure and tell the captain that the agent will see if he can get the Customs guy to help them out and that they have a lawyer who can get them a tourist visa right away for 1 million Colombia pesos. Then the agent will tell the captain to sleep on it. The next morning they call and tell the captain that the Customs guy will do the importation for the 1 million pesos that it would cost to get a tourist visa. They tried this on me and when I showed than that I have a retiree visa good for one year and have had two temporary importations done in the past two years they backed off.
The fact is that there is no need to avoid coming here because of this, as there are three marine agents that operate in Cartagena. The two who are okay are a German named Manfred and Gladys Ramos. All a visitor has to do is ask at the Club Nautico or Club De Pesca office for the phone number for either one of them.