Careful with Avi & Co!

[Chewyyy]

Just had a really close shave with Avi & Co NY - here's how it panned out:

1. I send an email to their official sales email to inquire about the availability of a watch
2. I get a reply saying they have a brand new one available with box and papers
3. I ask for pictures but I'm told they can't send pictures until the payment is made because the watch is sealed (red flag #1)
4. I receive the bank wire details and they look pretty legit but I receive another email shortly after saying there's some trouble with the bank account (red flag #2)
5. I ask for a trusted checkout on Chrono24 but I'm told no and given the offer to pay by bitcoin and receive an additional discount because "they don't have to pay taxes on it" (red flag #3)
6. I'm super suspicious at this point, call up the shop and ask to speak to the guy I'd been interacting with over email
7. The guy (Joe Cohen) has no recollection of our exchanges, checks his system and immediately figures out that they've been hacked - he tells me I hadn't been speaking to anyone from Avi & Co this whole time even though it's their official email

For context, Avi & Co. is a brick and mortar shop down in Diamond District NY (43 W 47th St.) and have very good reviews on Chrono24 and E-Bay (apparently I can't post links because I'm too new )

You could argue whether this was actually a hack or if the company was trying to run a scam and decided to pull out when I called - I'm going to lean towards the former because Joe was courteous and transparent over the phone but make if it what you will.

Scary stuff to be honest, glad I got through it unscathed. Lesson is to be careful when doing business over email and to run away at the slightest of red flags, no matter how reputable the seller is.

[rolehex]

Well I'm glad you noticed the flags and backed off. Most don't until AFTER they send the funds and the seller goes dark. Thanks for sharing and very smart of you to call them.

[J_1964]

Due Diligence, Well Done!

[GoingPlaces]

No first hand experience here but from what I've read and heard Avi is a reputable seller.

[AbsolutelyROLEX!]

Good job!
This thread should be made available to everyone as a learning tool!

[Bxtek]

Wow, that's pretty crazy! I'm glad you avoided the trap. Thanks for sharing your story as it makes us all more aware and smarter when doing transactions like this. You would automatically think that everything is legit when communicating through their official email address, but obviously not.

[dmash]

That's sucks for Avi and Co if so. However, have to ask, are you sure you actually sent to the right email? I'm pretty sure a business would be *well* aware within hours if their email was taken over/password changed....especially if it's obviously during normal business hours as they were in the store to answer calls. and if a hacker was simply 'in' their email, they would have still have recollection of all emails you sent back and forth, as they'd be on the server. or are you stating that he looked in the emails, and saw the bogus conversation, and that a hacker was simply in the system? as that would make sense.

This place has been around forever, highly doubt it was an 'attempted scam' like you suggest as a possibility. Just trying to get the facts straight.

[Chewyyy]

It’s definitely their email address - I got it off their website and the same email is on their IG as well.

When I called, Joe told me he’s the one who usually handles the email account and had been away for a few days. He went through his inbox with me on the phone, presumably spotted the email trail and proceeded to tell me that the account had been hacked. I guess that means that they hadn’t lost access to the email account because the password hadn’t been changed.

Like I said, I don’t want to make insinuations because I know the place is pretty reputable but what puts me off is the following:

1) Is it normal that nobody checks the business email if the guy who’s typically in charge is away? That’s the only explanation for them not being aware of the emails while still having access to it - hard to imagine someone regularly checking the emails and missing out an entire conversation of several exchanges over the course of 3-4 days.
2) At some point, I texted their WhatsApp number because I wasn’t receiving a response over email - I was told that Joe will reach out shortly, and I received an email soon after tacitly dismissing my request for a trusted checkout on Chrono24 and implying that I should be comfortable with the bitcoin payment because “we’re the biggest watch seller in NY.” This could be a pure coincidence but it does raise doubts in my head.

In the end, I can’t say whether it was a legit hacking case or a scam by the shop - all I know is I’m glad I came out of it unscathed.

[dmash]

Quote:

Originally Posted by Chewyyy

It’s definitely their email address - I got it off their website and the same email is on their IG as well.

When I called, Joe told me he’s the one who usually handles the email account and had been away for a few days. He went through his inbox with me on the phone, presumably spotted the email trail and proceeded to tell me that the account had been hacked. I guess that means that they hadn’t lost access to the email account because the password hadn’t been changed.

Like I said, I don’t want to make insinuations because I know the place is pretty reputable but what puts me off is the following:

1) Is it normal that nobody checks the business email if the guy who’s typically in charge is away? That’s the only explanation for them not being aware of the emails while still having access to it - hard to imagine someone regularly checking the emails and missing out an entire conversation of several exchanges over the course of 3-4 days.
2) At some point, I texted their WhatsApp number because I wasn’t receiving a response over email - I was told that Joe will reach out shortly, and I received an email soon after tacitly dismissing my request for a trusted checkout on Chrono24 and implying that I should be comfortable with the bitcoin payment because “we’re the biggest watch seller in NY.” This could be a pure coincidence but it does raise doubts in my head.

In the end, I can’t say whether it was a legit hacking case or a scam by the shop - all I know is I’m glad I came out of it unscathed.

Yup, that's definitely crazy, glad you got away unscathed! I just wanted to verify this was the case

[BillA]

No pictures........walk

[Chewyyy]

Quote:

Originally Posted by BillA

No pictures........walk

Pictures following shortly.

Your skepticism is misplaced though, I’m not trying to discredit a seller here - point was just to share my experience so that people can learn what they want from it as they see fit.

[Chewyyy]

Pictures attached for the more skeptical among us - you can match the email address and their phone number to the ones on their website / IG.

I didn't screenshot every single email, just the key ones - the flow is p.1 through to p.9 if you want to go in chronological order.

Note that the time zone on the WhatsApp screenshot is two hours ahead of the timezone on my laptop (I'm on vacation in a different country at the moment and the timezone on the phone updates automatically but the laptop doesn't) - this is important because p.9 falls roughly an hour after I got the reply from them on WhatsApp.

EDIT - looks like the pictures are appearing chronologically anyway :)

[dmash]

Hey, just letting you know, I wasn't insinuating you were lying! I just wanted to double check that you did indeed utilize the right email Thanks for uploading screenshots though and verifying all you said. That's a major breach, and for them to be completely unaware during business hours is kind of ridiculous.

[Chewyyy]

Quote:

Originally Posted by dmash

Hey, just letting you know, I wasn't insinuating you were lying! I just wanted to double check that you did indeed utilize the right email Thanks for uploading screenshots though and verifying all you said. That's a major breach, and for them to be completely unaware during business hours is kind of ridiculous.

No offense taken, your questions were all fair - the screenshots are more for gentleman who explicitly asked for them. :)

EDIT: They were unaware during business hours OVER 4-5 DAYS, which is even more ridiculous.

[dmash]

Quote:

Originally Posted by Chewyyy

No offense taken, your questions were all fair - the screenshots are more for gentleman who explicitly asked for them. :)

EDIT: They were unaware during business hours OVER 4-5 DAYS, which is even more ridiculous.

That's absurd, and they should definitely be called out on it. No ifs ands or buts, that's borderline pathetic to not be aware your email is hacked over a days long period, with conversations happening right up under your nose and blatantly on the server for you to see.

[Chewyyy]

Yeah - it has to be one of three scenarios:

1) The hacker was VERY proactively clearing my emails from the inbox and his emails from the sent folder
2) Gross negligence on the part of Avi & Co because it happened right under their noses with the email trail in their inbox and they didn’t notice
3) There was no hack, just someone from the shop trying to run a scam

I’m honestly at a loss to predict which of the three scenarios is more likely - just thankful I pulled out in time and some good lessons learnt for the future.

[Chewyyy]

Okay, looks like they still haven’t gotten their shit together - just received this:

https://imgur.com/eNZy6oD

[dmash]

Quote:

Originally Posted by Chewyyy

Okay, looks like they still haven’t gotten their shit together - just received this:

https://imgur.com/eNZy6oD

wow!

[Chewbacca]

flags everywhere on this one.

good catch OP.

[Chewyyy]

Quote:

Originally Posted by Chewyyy

Okay, looks like they still haven’t gotten their shit together - just received this:

https://imgur.com/eNZy6oD

Just realized how bizarre this is - the hacker’s emails never mentioned anything about watches being stored in a bank across the street. Only person who told me that was Joe over the phone when I called him after getting suspicious...

I don’t care how reliable the shop is - it’s a hard pass for me going forward at this point.

[GoingPlaces]

Wow, this is a very enlightening thread. Smart OP, asking to set the time, biz card and time stamp. This is definitely concerning as you never know. I can't blame you, I would have to move on also.

Also, seems like he came off the price pretty easily, yes?

[Chewyyy]

Quote:

Originally Posted by GoingPlaces

Wow, this is a very enlightening thread. Smart OP, asking to set the time, biz card and time stamp. This is definitely concerning as you never know. I can't blame you, I would have to move on also.

Also, seems like he came off the price pretty easily, yes?

Pretty easily, yes - I guess that was one of the flags as well because it’s very much a seller’s market at the moment.

[cajunron]

Quote:

Originally Posted by Chewyyy

Just realized how bizarre this is - the hacker’s emails never mentioned anything about watches being stored in a bank across the street. Only person who told me that was Joe over the phone when I called him after getting suspicious...

I don’t care how reliable the shop is - it’s a hard pass for me going forward at this point.

Woah! I always say trust your instinct.

[Aviandco]

Quote:

Originally Posted by Chewyyy

Just had a really close shave with Avi & Co NY - here's how it panned out:

1. I send an email to their official sales email to inquire about the availability of a watch
2. I get a reply saying they have a brand new one available with box and papers
3. I ask for pictures but I'm told they can't send pictures until the payment is made because the watch is sealed (red flag #1)
4. I receive the bank wire details and they look pretty legit but I receive another email shortly after saying there's some trouble with the bank account (red flag #2)
5. I ask for a trusted checkout on Chrono24 but I'm told no and given the offer to pay by bitcoin and receive an additional discount because "they don't have to pay taxes on it" (red flag #3)
6. I'm super suspicious at this point, call up the shop and ask to speak to the guy I'd been interacting with over email
7. The guy (Joe Cohen) has no recollection of our exchanges, checks his system and immediately figures out that they've been hacked - he tells me I hadn't been speaking to anyone from Avi & Co this whole time even though it's their official email

For context, Avi & Co. is a brick and mortar shop down in Diamond District NY (43 W 47th St.) and have very good reviews on Chrono24 and E-Bay (apparently I can't post links because I'm too new )

You could argue whether this was actually a hack or if the company was trying to run a scam and decided to pull out when I called - I'm going to lean towards the former because Joe was courteous and transparent over the phone but make if it what you will.

Scary stuff to be honest, glad I got through it unscathed. Lesson is to be careful when doing business over email and to run away at the slightest of red flags, no matter how reputable the seller is.

Dear Abbas,

We want to extend our sincerest apologies concerning all the issues that you have faced. We unknowingly faced an unfortunate hack to our company email and when it comes to being hacked sometimes Smart hackers won’t just get into your account, they’ll also set up tools to make sure you won’t even know they were there. All the ongoing emails you had with the hacker were being forwarded directly to him so that’s why we were unable to see the email threads ourselves. Our company doesn’t even have a bitcoin account as we try to avoid any cyber frauds. It would be kind of strange that we wouldn’t offer you to ability to check out on our Chrono24 checkout as that is our must safest and secure checkout. We appreciate that you called our office directly to insure the safety of your purchase as we do just so ourselves with all the clients we work with. We are glad to say with the help of our cybersecurity team we have been able increase our online Security and get our email account up and running safely again.
We pride ourselves in maintaining the highest quality standards for our clients. So, we hope you will give us an opportunity to discuss this further with you.

Best Regards,
-Joe Cohen

[Chewyyy]

Quote:

Originally Posted by Aviandco

Dear Abbas,

We want to extend our sincerest apologies concerning all the issues that you have faced. We unknowingly faced an unfortunate hack to our company email and when it comes to being hacked sometimes Smart hackers won’t just get into your account, they’ll also set up tools to make sure you won’t even know they were there. All the ongoing emails you had with the hacker were being forwarded directly to him so that’s why we were unable to see the email threads ourselves. Our company doesn’t even have a bitcoin account as we try to avoid any cyber frauds. It would be kind of strange that we wouldn’t offer you to ability to check out on our Chrono24 checkout as that is our must safest and secure checkout. We appreciate that you called our office directly to insure the safety of your purchase as we do just so ourselves with all the clients we work with. We are glad to say with the help of our cybersecurity team we have been able increase our online Security and get our email account up and running safely again.
We pride ourselves in maintaining the highest quality standards for our clients. So, we hope you will give us an opportunity to discuss this further with you.

Best Regards,
-Joe Cohen

Appreciate the update, Joe - I was beginning to get skeptical because I didn't receive a response when I forwarded the whole email thread to your personal email account as per our conversation on the phone.

I know that Avi & Co. has been a trusted seller for many years and that's exactly why I reached out to you in the first place - it's unfortunate that this fiasco happened the first and only time we were to do business together.

I'm glad that you've stepped up the security on your email but I'd do another due diligence if I were you - I received this email last night and it doesn't sound like it's coming from you:

https://imgur.com/a/UpM1Qbe

I notice that the email address is now different, which might mean you've successfully kicked the hacker out of your system and he's having to resort to phishing in a last-ditch attempt to steal my money. I'd do a second check regardless.

The other thing that really bothers me is the following:

1. At some point when I was not receiving replies over email, I texted your verified number and the hacker replied immediately after I was told that "Joe will get back to me" - could be pure coincidence but it bothers me nevertheless
2. The hacker seems to know things that we discussed only when we spoke over the phone (e.g. that you store watches in a bank nearby) - again, it could be that the hacker went through old emails or is an insider who is intimately familiar with your business but it's still troublesome

Finally, please understand that I'm not trying to discredit you as a seller - I've been proactive in giving you all the required information so you can deal with this hack and I felt it was also my responsibility to warn the community here that there was something fishy going on with a seller who's typically so well trusted.

[dmash]

Quote:

Originally Posted by Aviandco

Dear Abbas,

We want to extend our sincerest apologies concerning all the issues that you have faced. We unknowingly faced an unfortunate hack to our company email and when it comes to being hacked sometimes Smart hackers won’t just get into your account, they’ll also set up tools to make sure you won’t even know they were there. All the ongoing emails you had with the hacker were being forwarded directly to him so that’s why we were unable to see the email threads ourselves. Our company doesn’t even have a bitcoin account as we try to avoid any cyber frauds. It would be kind of strange that we wouldn’t offer you to ability to check out on our Chrono24 checkout as that is our must safest and secure checkout. We appreciate that you called our office directly to insure the safety of your purchase as we do just so ourselves with all the clients we work with. We are glad to say with the help of our cybersecurity team we have been able increase our online Security and get our email account up and running safely again.
We pride ourselves in maintaining the highest quality standards for our clients. So, we hope you will give us an opportunity to discuss this further with you.

Best Regards,
-Joe Cohen

I think people can appreciate that you take the time to make an account and respond to this, instead of simply ignore it. Kudos on that.

I definitely think you need to up your security protocol though (you have made note of this, I hope it's sufficient). You're not selling jelly assortments, these are quite expensive transactions being processed through your website. A few hour fluke happens to the best of businesses, but as Chewyyy pointed out.....even after making you aware of said hack, the hacker *still* had access to your servers and was making contact trying to solidify a sale. That's not really acceptable in my opinion, as it ended up being a multi day thing.

Not really trying to give a business front as yourself a lecture, moreso just some friendly advice. If a 'hacked' transaction actually got pushed through, but it was from your verified email address for all sales inquiries, that might be quite the legal pickle from a responsibility standpoint, and could result in some serious financial damage.

Thanks again for actually responding to this thread though.

[Lime]

Quote:

Originally Posted by Chewyyy

Appreciate the update, Joe - I was beginning to get skeptical because I didn't receive a response when I forwarded the whole email thread to your personal email account as per our conversation on the phone.

I know that Avi & Co. has been a trusted seller for many years and that's exactly why I reached out to you in the first place - it's unfortunate that this fiasco happened the first and only time we were to do business together.

I'm glad that you've stepped up the security on your email but I'd do another due diligence if I were you - I received this email last night and it doesn't sound like it's coming from you:

https://imgur.com/a/UpM1Qbe

I notice that the email address is now different, which might mean you've successfully kicked the hacker out of your system and he's having to resort to phishing in a last-ditch attempt to steal my money. I'd do a second check regardless.

The other thing that really bothers me is the following:

1. At some point when I was not receiving replies over email, I texted your verified number and the hacker replied immediately after I was told that "Joe will get back to me" - could be pure coincidence but it bothers me nevertheless
2. The hacker seems to know things that we discussed only when we spoke over the phone (e.g. that you store watches in a bank nearby) - again, it could be that the hacker went through old emails or is an insider who is intimately familiar with your business but it's still troublesome

Finally, please understand that I'm not trying to discredit you as a seller - I've been proactive in giving you all the required information so you can deal with this hack and I felt it was also my responsibility to warn the community here that there was something fishy going on with a seller who's typically so well trusted.

I think there is still more for the seller to answer to then the initial response included.

[CorradoBrit]

Little odd that Aviandco registered 18 months ago and this is their first post. Maybe I'm just overly suspicious these days

[GoingPlaces]

I think they are good seller, perhaps they are vulnerable right now. The hacker (assuming) had information that was part of a phone conversation, maybe an insider? I don't think this has resolved itself based on the information the OP has stated. There is definitely a breach somewhere.

[lyktestolpe]

I think the seller has more to answer for then just the hack. I’m an IT security professional, and can confirm that this way if scamming a business is common. But the information that was given over phone never reached the hacker, so something is off here!