Corporate Identity Theft
A third-party fraudster masquerades as a legitimate existing buyer, often using carefully forged documentation that looks authentic, to place an order with a policyholder. The goods are either collected or delivered to an alternative delivery address put forward by the fraudster, who takes delivery and then simply disappears.
Fake or Suddenly Active Businesses
This is a more patient form of fraud. The fraudster sets up what is to all appearances a legitimate business, trading with the policyholder over weeks or even months to build confidence. Alternatively, a dormant established company, which may even have had a good reputation and favourable trading history, is acquired by fraudsters to use as a front for their fraudulent scheme. After a series of orders which are paid for on time, the fraudster then places a large order with the policyholder, and simply disappears with the goods, leaving behind an empty warehouse and unattended telephones.
Red Flags
The following “red flags” can indicate there is a fraudulent scheme at work:
- Unsolicited orders come in unexpectedly, even if the buyer is a well-known company and regarded as a “blue chip”.
- The buyer insists on collecting their order directly from the policyholder’s premises, rather than having the policyholder deliver to the buyer’s normal address.
- Modified telephone numbers and email addresses.
- A buyer that has been quiet for a while, suddenly places multiple orders across several industry sectors, especially for goods such as FMCG and electronics.
- The order form has inconsistencies in the company logo, and/or spelling mistakes in the document.
- The buyer operates in an industry that is incompatible with the main business of the policyholder, such as an IT company placing an order for steel.
Payment Interception
Here the fraudster masquerades as the policyholder, and tricks the buyer into making payment into the wrong bank account. This is often preceded by the impersonated “policyholder” instructing the buyer that their banking details have changed, using a forged letterhead. Weak cyber risk controls can also create gaps for this type of fraud. Extreme caution should be exercised whenever you receive a communication that banking details have changed for no good reason.
Clients are urged to be alert to the increased risks of fraud. Please know your customer and be sure of whom you are dealing with.