FBI Issues Alert to Warn Government and Health Care Buyers of Advance Payment and BEC Scams
The US Federal Bureau of Investigations (FBI) issued an alert to government and health care buyers because of increasing scams targeting those who purchase personal protective equipment (PPE). The FBI alert reports a variety of fraud schemes targeting those who need to buy PPE gear, and other medical equipment such as ventilators which are in short supply. According to the FBI, the fraud involves domestics and foreign bad actors.
Fraudsters are using imposter scams to divert funds from legitimate orders. This type of fraud is known as a business email compromise (BEC) scheme. A BEC scheme occurs when a scammer uses an email address that is closely named to a legitimate email address that is familiar to the target. Often, the fraudulent email address is only a few letters different in spelling and may use a company name in the body of the email that is the same as or closely name for an existing business relationship. BEC schemes can use information gleaned from social engineering. The scammer may also call on the phone to give payment instructions or to gather more information to use in their imposter email.
The alert states, “In one case, an individual claimed to represent an entity with which the purchasing agency had an existing business relationship. By the time the purchasing agencies became suspicious of the transactions, much of the funds had been transferred outside the reach of U.S. law enforcement and were unrecoverable.”
FBI Says Scammers Want Money Up Front
Scammers may demand advance payment via wire transfer then never delivering goods. These scams are trending at a time where PPE equipment and ventilators are scarce. Buyers are stressed to find sources that can deliver equipment. Manufacturers are not committing to prices and contracts but are instead selling to highest bidders. Once an agreement has been struck, government buyers often report that the seller calls back a few hours alter to say they sold o someone else who is willing to pay more. This competitive buying climate creates a situation with convenient targets for scammers.
Indicators of a BEC Scam
- Seller contacts the buyer first
- Seller does not have details about the product such as manufacturer
- Urgency to transfer funds
- Email or phone request to divert payment to another account
A BEC scam is how Shark Tank host Barbara Cochran was scammed out of $360,000. The scammer emailed an invoice to her accountant, claiming to be an assistant known to the accountant and Ms. Cochran. The meal contained an invoice form a German company that was closely name for a company that Cochran does business with. Without verifying the validity of the invoice or who the email came from, Cochran’s bookkeeper wired the money to the hackers, Fortunately, with the help of a German bank, they were able to pull back the transfer and recover the money.
The FBI Alert Recommends the Following Mitigation Tactics
- Do not contact the seller using any information given in an email or over the phone. Verify their business status and contact information through an independent source
- Verify with the manufacturer or verified distributor that the seller is a legitimate distributor
- Do not pay the seller until equipment is delivered or have the money held in escrow
- Do not re-route payments without verifying the person requesting the change. Call the seller rather than responding to an email or another phone call
- Verify the manufacturer, model, and quality of the purchased equipment