Cunning Request for Quotation (RFQ) scheme allows cybercriminals to purloin genuine commodities
In a new twist to cybercrime, scammers are using stolen files to impersonate legitimate businesses and submit fake Request for Quote (RFQ) emails. This practice, a form of business scam, involves exploiting stolen or publicly available information such as Employer Identification Numbers (EINs), DUNS numbers, employee identities, and company documentation from previous cyberattacks to create convincing requests for quotes on high-value physical goods like electronics, medical devices, and business-critical hardware.
The scammers typically request Net financing terms, such as Net 45, meaning the victim company ships the goods with payment deferred for 45 days. They provide supporting business documents to speed up credit approvals. The goods are shipped to addresses often linked to shipping forwarding services, money mules, or warehouses that unknowingly transport stolen goods. These addresses may be in West African countries such as Nigeria and Ghana.
The modus operandi of these scams is as follows:
1. Use stolen business files and identities to spoof real companies. 2. Send RFQ emails to suppliers requesting quotes on costly items. 3. Use the received quotes to craft credible fraud requests. 4. Secure Net 45 payment terms to obtain goods without immediate payment. 5. Coordinate with intermediaries like freight forwarders and mules to receive stolen goods physically. 6. Eventually, sell the stolen items, often flowing towards African countries.
This scam not only causes significant financial losses but also enables criminals to fraudulently obtain expensive physical goods through sophisticated social engineering combined with cybercrime tactics. Security firms like Proofpoint actively track and block these fraudulent RFQ domains and communications to mitigate the threat.
The goods requested in the RFQ emails include equipment such as networking gear, CCTV cameras, and healthcare hardware, intended for sale in African countries. A partnership with the company's Takedown Team led to the successful take-down of 19 domains associated with these scams. It is crucial for businesses to be vigilant and ensure the authenticity of RFQ emails, especially those requesting Net financing terms, to protect themselves from such scams.
- In light of the current cybercrime trend, it's essential for businesses to be aware that scammers might use stolen files and identities to impersonate legitimate companies, including technology firms that supply networking gear, CCTV cameras, or healthcare hardware.
- As a preventative measure against such scams, it's crucial for businesses to exercise vigilance when verifying the authenticity of RFQ emails, especially those related to high-value items and Net financing terms, to maintain cybersecurity and avoid potential financial losses.
%20scheme%20allows%20cybercriminals%20to%20purloin%20genuine%20commodities){kind=link}