As you may have heard, 2012 is going to be a banner year for computer virus infections and personal identify theft. At RTS, we already see it today. Therefore, the goal with these publications is to allow you to evaluate known threats by making you aware that they do exist.
You may be thinking that these kinds of attacks are looking for your own personal information and don't really affect your company... Guess again!
Case in point:
RTS Computer Services recently received an e-mail asking for a price quote on a half-dozen specific items. Now we get lots of e-mails asking for our products and/or services. Not bad... a quote for a half-dozen items. Won't make us rich, but it's something to think about right? Like a lot of e-mails, this was from a supposedly large company in New Jersey. As usual, we start the work on preparing a quote for pricing. However, this one struck us a little funny in that out on the west coast, getting a quote from New Jersey, while not unheard of, was a bit unusual. So we started to investigate.
Lo and behold... What follows is an excerpt from a site that exposes this scam:
"... as usual I dropped a note to my distributors to get the pricing, put a small mark-up on the numbers and passed it along. Frequently these requests are just to get the internally specified 3 quotes necessary for their procedures, so it’s not really worth lots of effort on my part.
I then received an email saying that they were only interested in one of the items, but wanted a quantity of 1200. That got my attention. It changed from a $65 sale to nearly $70,000, so I became immediately suspicious. My first stop was my local bank (www.chainbridgebank.com), where I discussed the situation with them and got some great advice. ONLY accept a wire transfer, it’s just like cash. The sending bank will not send it if the account doesn’t have the funds, and once it lands in my account there is no way for them to retrieve it. All other methods can have problems. Credit card companies can pull the funds back out up to 60 days after the deposit and cashier's checks can be faked.
I dropped Paige Electric a revised quote for the 1200, but it stated that due to there being no history between our two companies, the payment would need to be a wire transfer BEFORE the order was shipped. Their response stated that their standard was 14 days net, and they attached a pre-filled credit application with everything you would expect. Corporate references, bank references, D&B number, etc.
I refused this, and restated that the only method possible was wire transfer… The emails from them stopped. Then I started digging."
You see, the e-mail wasn't from Paige Electric. In fact, the header in the e-mail (which many of you cannot see, let alone understand since it's all in programmer gibberish anyway) said the originator was from Nigeria.
Had the poster, and RTS Computer Services not been a little bit savvy, we all could have had our business bank account emptied and lost a ton of equipment had we just dutifully followed the NET 14 days request. Normally, we would have called the company issuing the request, but as you can see, this could have been a disaster had someone missed the red flags and not done their due diligence in trying to find out who the sender actually was.
It can happen at home.
It can happen at work.
It can happen to a business.
It pays to be aware!
How to avoid scams:
- A large order out of nowhere should automatically be treated as suspicious
- Carefully check the domain the email is sent from, little differences from the expected domain are a big deal
- Have your IT professionals at RTS Computer Services check the email for anything they might find strange
- Only accept wire transfer of funds before shipping the product
- Do not be blinded by the potential profit – look at the potential loss
Don't forget -- knowledge is power! Arm yourself by making yourself and your friends aware!
Leave a comment!
You must be logged in to post a comment.