Skip to main content
close search
site logo
Dive Brief

Watchdog finds fraud ring sent fake RFQs, orders to federal tech vendors

Published Aug. 1, 2019
Matt Leonard's headshot
Reporter
Pixabay

Dive Brief:

  • A fraud ring based in Atlanta has been exploiting the federal government procurement process to trick technology vendors into sending shipments of laptops, cellphones and hard drives to abandoned commercial property, according to an alert released last month by the Department of Homeland Security (DHS) watchdog.
  • The fraudsters faxed or emailed fake requests for quotations (RFQ) to vendors around the country, ordered and received the items and never send payment to the vendor. "Some of the purchase orders identified were for hundreds of thousands of dollars each," DHS said.
  • The stolen merchandise was then sold on the black market either in the U.S. or Nigeria, the DHS Office of Inspector General (OIG) explained in its release.

Dive Insight:

The fraud scheme required the ring to impersonate federal employees. A DHS investigation found it was targeting multiple agencies, including DHS, the departments of Commerce, Defense, Housing and Urban Development, Justice, Labor and Transportation; the Federal Deposit Insurance Corporation; the Securities and Exchange Commission; and the Railway Retirement Board, the alert said.

The RFQs used the names of real federal employees and the email's From address was a real government address. But the Reply-To address was slightly modified and a direct line to the fraudsters with domain names similar to those used by federal agencies, like "rrb-gov.us," DHS said.

DHS outlined various prevention measures for vendors to avoid similar ploys. These include only responding to RFQs when the sender has a .gov address in the From and Reply-To headers, being wary of procurement professionals who won't communicate via email and prefer fax, and independently obtaining the phone number for the named procurement official and verifying the legitimacy of the RFQ.

Similar scams have also posed as private businesses looking to trick other companies with a phony request for proposal. The Better Business Bureau (BBB) sent out an alert this week about just such a hoax. In some versions of the trick the linked PDF will be infected with malware, according to BBB.

"Just because an email looks real, doesn't mean it is," BBB suggested. "Scammers can fake anything from a company logo to the 'Sent' email address."

This story was first published in our weekly newsletter, Supply Chain Dive: Procurement. Sign up here.

Editors' picks

Company Announcements

View all | Post a press release
Aroma Retail Supports Exponential Ecommerce Growth with Descartes Parcel Shipping Solution
From Descartes Systems Group
November 04, 2024
AutoStore™ Strengthens Leadership Team with Keith White as Chief Commercial Officer
From AutoStore
November 04, 2024
Redwood’s Fall 2024 Sustainability in Logistics Report: 97% of Companies Considering a Digital…
From Redwood Logistics
November 06, 2024
Automated Logistics Systems Simplifies Customs Clearance with Descartes Foreign Trade Zone Sol…
From Descartes Systems Group
November 18, 2024
Editors' picks
Latest in Risk and Resilience
image/svg+xml
Industry Dive is an Informa business
© 2024 Industry Dive. All rights reserved. | View our other publications | Privacy policy | Terms of use | Take down policy.
Cookie Preferences / Do Not Sell