Ingram Micro, one of the largest technology distributors in the META region, has recently warned partners against the increasing number of fraudulent sales orders.
In a letter shared with its partners, Ingram Micro offered practical advice to help them mitigate fraudulent behaviour to protect “our company, your company, and your clients.”
“We’re seeing instances of fraud experienced by our partners from their long-term Existing customers (who have had their email breached) as well as from ‘New customers’ that are 100 percent fraudulent,” said Ingram Micro Director, Cyber Security Division – META Marc Kassis in the letter.
To help companies and employees identify and stop fraud, Ingram Micro shared the following advice:
If an order comes in from a new customer, is unsolicited, and seems too good to be true, then it probably is. Other potential fraud signals that we’ve seen from the frontlines include:
- If the new customer is pressed for time and okay with any price you give them.
- If the customer is ordering something that is not your core area of focus.
- If the new customer wants you to overnight a large order with no concern for cost.
If you suspect a fraudulent order from a new customer, what should you do?
“As a best practice, perform an internet search on the company name and check their email address against the known company domain,” said Kassis in the letter.
Partners should check any address given to them as a ‘ship-to’ and see the location and its surroundings on Google Earth. “Warehouses in desolate areas or nondescript office parks and freight forwarder addresses are all common ship-to addresses for scammers. They have been known to transpose street numbers or zip code numbers on their ship-to location to look very similar to actual end user addresses,” he said.
Existing customers can be and are being breached as well. The bad guys are getting into their email systems and creating POs on company letterhead, which can look perfectly legitimate – especially when they are sent directly from a valid email address of a known customer. And watch for abnormal purchases. Is your managed security client with 50 employees sending you a PO for 150 users?
If you suspect a fraudulent order from an existing customer, what should you do?
- Check the email address sent to you for the request carefully. A common trick is an email address that is one character off from the actual company or entity domain name, or that uses .net instead of .com or .org.
- Check if the ship-to location is different than the location you usually ship to (ex: a different city, a completely different address or an unlikely address for that company or entity).
- Perform an internet search on the company and check the domain website against the domain email address.
- Pick up the phone – and call your client to verify.
- Take a quick inventory. If the existing customer is buying products unlike what they typically purchase AND is buying in fairly extraordinary quantities, STOP and call them via the phone number YOU have on file for them, not the one in the email sent to you with the request.
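The sender-address check from the list above can be automated at order intake. The following is an added example, not part of Ingram Micro's letter: it flags a sender domain that is one character off from a domain on file (including two swapped adjacent characters) or that uses a different top-level domain. The domain `examplecorp.com` and all addresses are constructed placeholders, and the domain split assumes a single-label TLD.

```python
# Added example: compare an order's sender domain with the domains on file.
KNOWN = ("examplecorp.com",)  # constructed placeholder for a customer domain on file

def split_domain(domain):
    """Split 'example.com' into ('example', 'com'). Assumes a single-label TLD."""
    name, _, tld = domain.lower().rpartition(".")
    return name, tld

def osa_distance(a, b):
    """Edit distance counting insert, delete, substitute and adjacent swap."""
    prev2, prev = None, list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cost = 0 if ca == cb else 1
            best = min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + cost)
            # Two adjacent characters swapped counts as a single edit.
            if i > 1 and j > 1 and ca == b[j - 2] and a[i - 2] == cb:
                best = min(best, prev2[j - 2] + 1)
            cur.append(best)
        prev2, prev = prev, cur
    return prev[-1]

def check_sender(sender, known_domains=KNOWN):
    """Return (verdict, domain_on_file) for a sender email address."""
    domain = sender.rsplit("@", 1)[-1].strip().lower()
    if domain in known_domains:
        # A matching domain does not clear the order: the mailbox may be breached.
        return "match", domain
    name, tld = split_domain(domain)
    for known in known_domains:
        k_name, k_tld = split_domain(known)
        if name == k_name and tld != k_tld:
            return "tld-swap", known          # e.g. .net instead of .com
        if tld == k_tld and osa_distance(name, k_name) == 1:
            return "one-char-off", known      # one character off from the real domain
    return "unknown", None

if __name__ == "__main__":
    # Constructed sample senders.
    for addr in ("orders@examplecorp.com", "orders@examplecorp.net",
                 "orders@examp1ecorp.com", "orders@exmaplecorp.com",
                 "buyer@unrelated.org"):
        print(addr, check_sender(addr))
```

A "match" verdict only means the domain is the one on file; the phone call to the number on file is still what confirms an unusual order.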
Sometimes the scammers are also sliding into the daily conversations between Ingram Micro and its partners, according to Kassis. He noted that they have recently witnessed a few cases where a fraudulent email was received by their partners, which seemingly came from Ingram Micro.
Kassis highlighted that they have recently issued a warning about BEC (Business Email Compromise) where they reiterated that partners need to take precautions such as verifying the email addresses of all emails they receive; contacting the sender to confirm the mail either with one-to-one email or via other means; and not proceeding with any payments should they receive details about an unconfirmed changed Ingram Micro bank account.
“We usually communicate and request acknowledgement in several ways in case we change bank account,” he said.
“Fraud isn’t as easy to spot as it used to be,” explained Kassis. “Scammers are getting better and more sophisticated. At Ingram Micro we are continually training our team to spot potential fraud and to contact you directly to confirm if there is any doubt.”