Hackers Come!!

Filed Under:Fraud & Scam   |   Viewed by: 9035 Persons

We have written an article entitled “IF SUPPLIER SEND YOU NEW BANK ACCOUNT WITH NEW EMAIL ADDRESS, BEWARE!!”, we warn if “your supplier” send new company account with new email account, beware, hold the payment, call the supplier to confirm the change of email and bank account.

Within 2 months after I published that article, we have another 2 same stories. So far, 3 clients of Chinawhy have encountered same high-tech scam, hackers hack into suppliers emails, then all the email exchanges between the supplier and buyer will be controlled and filtered by the hacker. The English speaking hackers will read the emails carefully to understand what orders are under production and when buyers are supposed to make payment. Then the hacker will send email to buyer (either use the email account of supplier they have hijacked or register a similar email account, for example, if supplier use Steven@yahoo.com, they will register steve@yahoo.com), asking buyer to pay balance to new company account.

Below are some email exchanges between hacker and buyer, from one of the recent story.

Email 1, from supplier to buyer, the supplier’s aliyun email is what she has been using to contact the buyer. This email should have been hacked.

Date: Mon, 2 Sep 2013 15:52:24 +0800
From: kXXXXX@aliyun.com
To: osXXX@hotmail.com
Subject: check the information on the B/L

Dear Osxx,
How are you?
Pls find attched information about B/L.Pls complete the information on the consignee,then send it back to me.
 
Best regards
Kaxxx



Email 2, buyer to supplier
from:osxxxx@hotmail.com
to: kxxxxxx@aliyun.com
Subject: RE: check the information on the B/L
Dear

Deputy BL data

and also attached commercial invoice
modified, because I want to lower value.



Email 3, from hacker to buyer, see hacker registered a similar email account but with a different domain live.com, same tricks in other stories, if I have an email like steven333@chinawhy.net, then they will register steven333@yahoo.com, and tell the client he is using a new email account, or it is more deceptive if I use steven333@yahoo.com, and they register a steve333@yahoo.com, who can detect the difference.
From: kaxxxx@live.com
To: osxxxxx@hotmail.com
Subject: check the information on the B/L‏
Date: Tue, 3 Sep 2013 07:33:01 +0000
Dear Osxxxx:

Pls find attached document for you.

Pls kindly transfer the total amount to our foreign bank account below. As we are unable to receive transfers made to our other account presently.
Pls find bank info below and as attached also for the payment.

ACCOUNT NAME: SEXXX  VTXXX
BANK NAME: INDUSTRIAL AND COMMERCIAL BANK OF CHINA BEIJING BRANCH
BANK ADDRESS :NO 45 MUDYUAN LU, BEIJING CHINA
BANK ACCOUNT NUMBER: 62122602000XXXXXX
BANK SWIFT CODE: ICBKCNBJBJM

I am sorry for any inconveniences caused. Hope clearly for you ,if have any problem ,ps kindly contact us.

I am waiting for your kindly reply.
Best regards



Email 4, from hacker to buyer, urging buyer to pay
From: kaxxxx@live.com
To: osxxxx@hotmail.com
Subject: RE: check the information on the B/L‏
Date: Thu, 5 Sep 2013 06:23:58 +0000
Dear Osxxxx

Kindly confirm you have sent the payment to the below bank account sent to you earlier.

ACCOUNT NAME: SExxxxx  VTxxxx
BANK NAME: INDUSTRIAL AND COMMERCIAL BANK OF CHINA BEIJING BRANCH
BANK ADDRESS :NO 45 MUDYUAN LU, BEIJING CHINA
BANK ACCOUNT NUMBER: 6212260xxxxx
BANK SWIFT CODE: ICBKCNBJBJM

Pls provide me with the payment confirmation copy urgently.

I am waiting for your kindly reply.
Best regards
kaxxxxx



Email 5  Buyer to Hacker, buyer is suspicious on the company account change
From: osxxxxx@hotmail.com
To: kaxxxxx@live.com
Subject: RE: check the information on the B/L‏
Date: Tue, 3 Sep 2013 15:32:51 -0500
Dear
What happened to the account of the company
In my country reviewed the payment is made to the account of the exporter company
On the other hand I will send the file to the commercial invoice
a revision of prices.
so those are the values I want for the commercial invoice
you're going to send by courier

is to pay less tax in my country

We can make the value of the commercial invoice go to the account of the company
balance and sent him to another account



Email 6, Buyer to Chinawhy, ask for help
Dear Steven

I have the following questions?

The contact Kathryn of the Company  Sichuan XXX
You have communicated by phone with her?
She was present at the inspection?
The workers in your company who know her thee have said anything about her?

I have the following problem

I communicated with her for an email address
prior to shipment wrote me saying that he had
changing email address
After a few days I write another email similar
that will make the balance TT to an unknown account
And finally rewrite me another email different
back saying that email has changed

I write asking for an explanation to the two known emails
and says no one knows I referred
and the other tells me to do the TT to the account known

Truth does not that what happens

You can call the contact number that you
to ask for an explanation?


We then called the supplier, supplier said from last weekend they noticed their email account might be hacked.

I am a bit surprised at the supplier’s reaction in term of the emergency.

The contact girl from supplier said she noticed her email might be hacked, because another client was asking whether they changed the company account last weekend and told them the story. However, she didn’t call to buyer to inform him of the scam, instead she left a message on skype to client, and told us that client didn’t reply to her message.

When I asked what they would do to fight the scam, she said she didn’t know, she didn’t think the police could help.

Then I did a follow up call to the previous supplier of the Thailand client, who encountered the same scam. 2 months later, I wanted to see if there was any update from their side. I called their manager, she said they reported the case to police, but police didn’t give them any update yet, and she felt it would be hard to caught the hacker, as it was high-tech cyber crime, it might be hard to locate the scammer. She said she knew someone was scammed this way, and never got the money back.

I was quite disappointed with the update. Knowing 3 of our clients were nearly cheated by the hacker, while the suppliers and the police(especially the police) couldn’t and wouldn’t do anything to stop it.

I think the police should have technical methods to locate the scammer, with the IP, bank information, it won’t be too difficult job.

That means, buyers have to rely on their due diligence and business sense to identify and manage risk, follow this rule – DON’T SEND PAYMENT TO NEW COMPANY ACCOUNT UNTIL YOU CALL SUPPLIER TO CONFIRM.
 

Share This Article To Your Friends On:

      

Subscribe Our Newsletter:


Receive monthly email from Chinawhy experts, on tips, articles, knowledges, intelligence and alert of china sourcing, quality control, due diligence, supplier management, legal and more

Related Articles:



Comments

0 Responses to " Hackers Come!! "

Leave a Reply





Check to Subscribe Now