Their preferred way to swindle laptops, hard drives and smartphones is by fax.
A transnational fraud ring is specifically targeting America’s federal procurement offices and vendors, according to an alert the Homeland Security Department’s Office of Inspector General issued this week.
Last July, the OIG discovered that members of a ring based in Atlanta, Georgia had posed as a Homeland Security procurement official to get their hands on computer equipment supplied by private vendors. Diving deeper into the case, the IG found that the fraudsters were also stealing electronic equipment from other agencies including but not limited to the Commerce, Defense, Labor, Justice and Transportation departments.
“Some of the purchase orders identified were for hundreds of thousands of dollars each,” the OIG said.
In their scheme, the phony actors find federal government solicitations for equipment such as hard drives or smartphones, and send fraudulent requests for quotations to federal vendors from across the nation. Though the RFQs use the legitimate names of procurement officials, the schemers use their own phone and fax numbers and they are also known to spoof government agency email addresses, using domain names such as “rrb-gov.us.”
“Alternatively, the email’s From header displays a legitimate government email address, but the Reply-To header is a slightly different, non-government email address,” the OIG said.
Sometimes, the fraud ring does not use email at all and simply insists on fax-based communication. They also include incorrect delivery addresses for the products, which often turn out to be abandoned commercial properties.
“When the fraudsters receive the shipment, the ringleader decides whether to sell the equipment in the United States or ship it to Nigeria for resale. The equipment enters the black market, and the government vendor never receives payment for the goods,” they said.
The agency said if vendors receive RFQs for electronic equipment that seem to originate from the federal government, they should independently identify and call the listed procurement officials associated with the requests to confirm that the requests are legitimate. They should also beware of anyone who refuses to interact by email, as well as any unusual language or distorted government seals when communicating.
Anyone who believes they might be a victim of this fraud scheme should call the OIG’s hotline or file a complaint with them online.