Coffin at a funeral

Hackers have taken over the email account of a Louisiana funeral home and are sending email scams to the company's customers, asking for money.

The hack took place on late Wednesday when employees of Griffin Funeral Home in West Monroe, Louisiana lost access to the company's Yahoo account, used as the main communications point with customers and business partners.

Hackers asked customers for money transfers

The hackers sent out emails posing as the funeral home's owner —Glenda Griffin— asking customers and suppliers for a favor.

If the other party replied, hackers would ask for $2,450 to be paid in a Ukrainian bank account. They justified the request by saying that Glenda was on vacation in Europe and her cousin suffered an accident and needed urgent medical care.

The scam was well put together as hackers had apparently studied the company and its owners before launching the campaign. As usual, they didn't pay too much attention to detail, as they forgot to copy Glenda's full email signature.

Employees said they detected something wrong after customers and partners called in to inquire about Glenda's supposed predicament. They realized they got hacked when they inspected emails in the Sent folder and saw the emails without the full signature, which was also supposed to contain a standard disclaimer.

Hackers wrestle control over the email inbox away from staffers

Funeral home staff changed the account's password, but hackers kept accessing the system. Employees changed the password four times before being locked out for good.

The company reached out to Yahoo for help, but they have not heard back. They also filed a complaint with local police.

In the meantime, the company also changed its official email address and is now informing customers to ignore the recent emails and update their contact details.

Speaking to local media [1, 2], a funeral home employee recommended that companies change all passwords as soon as former employees leave, hinting at a possible source of the initial password leak.