How to Spot Email Scams and Avoid Losses?
With the momentum of strong growth in the foreign trade industry, some criminals use hacking technology to break into corporate mailboxes, making it difficult to guard against.
*Note: Due to privacy protection, the customer name, salesperson and component number in the following content are pseudonyms.
Kathy received an email inquiry forwarded by sales. After receiving the quotation, the customer not only inquired about account support, but also sent a credit reference and company profile document.
Doubt 1: Generally speaking, customers will but rarely take the initiative to provide information for the seller’s reference.
"The current situation is that the first order of the customer's net payment has been shipped. Since the value of the goods is as high as $24,000, it is waiting for customs clearance in the United States and FedEx lacks the capability to manage customs clearance on behalf of customers, so the goods are currently stalled," Kathy said.
However, during the entire process, the customer sent another inquiry for an order worth $105,000, specifying that he wanted an SSD solid-state drive, but he could only provide approximate specifications, and any brand could quote.
Doubt 2: SSDs are easily resold second-hand and are equivalent to hard currency
After Kathy found several quotes based on the customer's needs, the customer placed the order the next day.
At this moment, Tim discovered a clue: the email suffix was inconsistent with the official website, and had three more letters than the official website.
In addition, the order amount was too large and the materials were not commonly made. At this time, everyone became aware that they might have been deceived.
Kathy immediately found the contact information of the "real" customer on LinkedIn, but she sent the email but could not read it back. After a while, Kathy received an email from the customer using another Gmail suffix, claiming that there was a problem with the email server, so she brought a temporary backup of Gmail, and both emails returned messages. The customer requested to use this backup email to communicate to avoid information loss.
Doubt 3: The customer email suffix is different from the official website
Kathy further discovered that the phone number in the email signature was different from the one on the official website. When she checked the client's company address again, Google Maps showed that the location was at an email service company next to a pizza shop...
Doubt 4: The contact number and delivery address are different from the official website
It is not difficult to see from the above cases that the hacker fraud methods are highly targeted, and the targets of the attacks are mainly enterprises that have business dealings with overseas merchants. Due to factors such as time difference and language communication, foreign trade companies mainly negotiate business with overseas merchants through email. After hackers invade the corporate mailboxes of buyers and sellers, they "lurk" for a long time. When transactions between two parties are discovered, hackers exploit network vulnerabilities to steal emails, tamper with email content, and use deceptive means to change the transaction account to a designated account.
Fraud Prevention Guide
Although scammers emerge in endlessly, it is not inevitable. When trading, everyone must keep a sharp eye and not be fooled by routines.
1. Enterprises should strengthen network security management, use secure corporate e-mails, and install anti-virus software on computers used for business transactions, and conduct regular anti-virus operations to check whether there are any security risks.
2. Strengthen the management of company employees, especially salesmen, and ensure the confidentiality of the company's communication permissions, customer information, etc.
3. The company's salesperson should be careful when providing payment methods to customers, and contact customers by phone to confirm the accuracy of the remittance account.
4. For overseas customers, it is necessary to regularly remind each other of their contact information and strengthen communication. It is recommended to use instant chat tools with customers; financial personnel must be double verified by email and phone once they are involved in financial transactions, so as not to give criminals an opportunity to take advantage of them.