I read the other day how antivirus software manufacturers are struggling and mostly failing to keep up with new viruses and malware. I thought of that today when I received the third communication in just the last week of what we wrote about as the new scam coming from China. In “Payment Fraud In China. This Season’s Edition” we detailed this new scam:
A foreign company has been making purchases from a Chinese company for an extended period. Payments are made pursuant to purchase orders that specify the company bank account to which payment should be made. Suddenly, the Chinese company sends an email requesting funds for outstanding POs be made to a new bank account. Often, the name on the bank account is not the same as the name of the Chinese company. Often, the bank account is in a different city or even in a different country. Often it is for Hong Kong.
We then wrote on how criminal gangs have started employing this scam, as reported by the China Daily:
- The gang investigated Chinese trading companies making sales to foreign companies operating in 27 foreign jurisdictions.
- After locating the target Chinese companies, the gang installed Trojan horse software on the computer systems of the Chinese companies. They used the Trojan horse to intercept email communications between the Chinese and foreign companies.
- The gang then sent out false emails to the foreign buyers, requesting that they send funds to bank accounts different than those provided in the applicable purchase orders. These accounts were opened in China by the China resident members of the gang. The accounts were emptied immediately, leaving only small sums behind to reward the local gang members.
- Nine local gang members were arrested. However, since the majority of the funds were sent overseas (Hong Kong?) to unknown parties, the stolen funds were not recovered.
This scheme appears to have become even more refined in that all three companies that contacted us told how the bank account information had not been changed via email, but on the actual invoices!
How can you avoid getting caught up in this type of fraud:
- The computer networks of many Chinese companies are not secure. The networks are subject to abuse by employees of the Chinese company and by outsiders. This means that you can NEVER trust an email communication from a Chinese company. Email is inherently insecure in China and you never know with whom you are really dealing when engaging in electronic communication with Chinese companies. I guess we would have to say the same is even true of the invoices you receive.
- Chinese companies are very loyal to their bank and so you should view with extreme suspicion any request to make a change in the payment bank. You should not even consider such a request unless the request is made in writing on a revised purchase order stamped with the company seal. Even in that case, it is important to contact someone you know in the company with supervisory authority to ensure that the request is valid. Email requests to make a change should be ignored, but the request should be forwarded to your trusted Chinese company contact for an explanation.
- Carefully review all bank account information. Monitor both the name of the payee and the location of the bank. Where the payee is even slightly incorrect, do not pay. Where the location of the bank is in the wrong city or country, do not pay. We have seen cases where foreign buyers paid to bank accounts outside of China to payees with no connection to the seller. These cases were all obvious frauds and the buyers lost their entire payment. We have seen millions of dollars vanish into thin air with this sort of scam. The Chinese parties committing the fraud will explain the need for this irregular payment as part of a plan to hold foreign currency outside of China. This kind of arrangement is no longer required in China. Explanations of this kind are indicia of fraud and should be ignored.
Constant diligence is required to avoid being taken in.
You have been warned. Again.
Please be careful out there. Really careful.