The first step in protecting against phone scams is understanding how they work. That’s why we’re starting a new series on the blog, breaking down some of the newest and most popular phone scams circulating among businesses and consumers.
**For more information on how phone fraud affects retailers, register for our upcoming webinar, “The State of Retail Phone Fraud.”
The Scam
You work in a call center as a customer service representative for a retailer with lots of big customers – maybe colleges and universities, hospitals, or construction companies. These customers typically make large, bulk orders, and they can come from many individuals or departments within the companies.
It seems like business as usual when one of your biggest customers calls to get a quote for a bulk shipment of toner and electronics. Once you deliver the quote, you get the purchase order, requesting Net-30 payment terms. Everything looks normal, so you process and ship the order.
Here’s What Really Happened
That order was really placed by a scammer, who probably found your real customer’s details online. To receive the products, the scammer may have changed the customer’s usual shipping address. Alternately, he may have called the customer directly, claiming that the order had been incorrectly shipped to them and offering to send a courier to pick it up. Because of the Net-30 terms, there is a full 30-day window for the scammers to get away with their crime – plenty of time to pick up the shipment and resell the goods on the black market.
A few of the techniques these attackers use for purchase order scams are:
- Cross-channel fraud – Attackers combine email and phone communications to better impersonate real customers. Attackers often set up fake email accounts that look like they are coming from a real customer, then follow up with a phone call to complete the order.
- Courier fraud – It’s hard to say no when there’s a legitimate-looking courier at your door. Attackers often send couriers to physically pick up fraudulently purchased goods.
- Reconnaissance – Many large organizations like universities or hospitals have easy to access corporate information posted publically on the company’s domain. This is all the information attackers need to generate a very real looking purchase order.
Retail Purchase Order Scam Examples
Purchase Order Scam Leaves a Trail of Victims – Last Fall, the FBI issued an official warning about purchase order scams. Investigators found approximately 400 actual or attempted incidents that targeted some 250 vendors, and claim nearly $5 million has been lost so far.
Purchase Order Scam Targeting University Suppliers – CSO magazine reported a rash of scams targeting universities, going back as far as May 2013. The article includes links to official warning from Ohio State University, Penn State University, Texas A&M and more.
Purchase Order Scams Now Targeting Construction Suppliers – Earlier this year, KGC Inc, an industrial and commercial construction company reported falling victim to the purchase order scam. Scammers impersonating the company attempted to place orders for $25,310 worth of equipment.