If supplier send you new bank account with new email address, beware!!

Filed Under:Fraud & Scam   |   Viewed by: 19644 Persons

This article is a real story.

I have read similar stories in the Chinese supplier community quite a few times, but never expected that this could happen around me.

So this article is a warning to all Chinawhy readers.

We have been helping an old client(and friend) to buy machinery from a supplier in Zhejiang province. The first order was purchased in last year, we helped with sourcing, verification and quality inspection.

All good. Supplier is a decent factory, quality is good.

This year the client sold out the stock and planed to place a big order.

The client has been in contact with supplier for a long time to finalize the second order. The client noticed that the supplier often switched from company account to personal account to reply to client.

But she didn’t think too much about it, until the supplier sent a personal account and a third party company account to the client, asking her to pay balance to that account.

The client is an experienced veteran importer, so she become alerted.

She then called the supplier to check if the contact still worked in their factory. It turned out the sales girl is still working there.

The supplier told the client “they never sent personal account”, and think the client is “too worried”.

Then the client called me, asked for my opinion.

I thought there were two possibilities:
1) the supplier’s email was hacked, so the hacker sent out the new payment information
2) the sales girl might try to steal the business from the supplier

I then called the sales manager of the supplier to check what is going on. After investigation, the sales manager told me that:
1) they never used personal email account to communicate with client
2) they thought their email might be hacked as they found out the new bank accounts was not sent by the sales girl.

So the sales manager sent a few emails to the client to explain what was going on. However, the client never received the emails.

The next day I received another phone call from the sales manager. She gave me an astonishing update:
The hacker sent an email to the supplier pretending to be the client, they registered a similar email account to what the client have been using. For example, if the client used an email account like Morrocan@aol.com, they registered a similar one like morocan@aol.com. The hacker asked the supplier to download updated contract attached in the email, which the sales manager find to be a Trojan virus.

So it is obvious that the hacker has hacked into the email system of either the supplier or the client. They noticed there was big quantity order going on. So they registered 2 emails, one was the private email of the sales girl, the other was a similar email to the client. Then they used the personal email account to communicate with the client and used a similar email to the client to communicate with supplier.

They have been in the middle for a long time, hidden in the shadow, waiting the chance of payment, then they sent their bank account, asking the client to send the balance to his personal account.

What a thing!!

Fortunately the client didn’t send the payment to the suspicious new email sent by “supplier”, that saved her.

Last week, one of my Ecuadorian client become the victim of this same scam, send payment to a third party company account in Hongkong, without confirming with supplier.

So, lessons learned from this story:
a. If the supplier give you a new bank account to send payment to, always call the supplier to confirm.
b. Changed your email account password periodically.
c. Hire IT specialist to take care of the security of your computer
d. Send an email to your client now informing them you will use company email account only to contact them, asking them always to confirm with you by telephone first before sending payment to new account sent from your email account.

Please spread this story.
 

Share This Article To Your Friends On:

      

Subscribe Our Newsletter:


Receive monthly email from Chinawhy experts, on tips, articles, knowledges, intelligence and alert of china sourcing, quality control, due diligence, supplier management, legal and more

Related Articles:



Comments

0 Responses to " If supplier send you new bank account with new email address, beware!! "

Leave a Reply





Check to Subscribe Now