- Proofpoint observed hackers using stolen files to forgery of companies
- The threat actors would send RFQ -e emails and ask for Net 45 Financing Terms
- The goods would end up being sold in African countries
Cyber criminals have found a way to utilize stolen company files to achieve actual physical goods, and this is a business practice called quote (RFQ).
One request for an offer is when one company asks someone else how much it will cost to buy certain products and is used when buying in bulk, want to compare prices or look for volume -based discounts.
But according to security researchers on proofpoint, scammers use files stolen in other cyberattacks to decay the companies and create compelling RFQ -E emails.
Shipment to Ghana
In E emails, they will ask for all kinds of equipment, from networking equipment, to CCTV cameras, health care hardware and the like.
After receiving an offer, they would then ask for Net 15/30/45 Financing Terms – Payment Terms, giving the buyer 15, 30 or 45 days to pay the full invoice amount with interest * after * receipt of the goods – which is common practice in B2B transactions.
If the victim company agrees, the scams share a shipping address. Sometimes these are housing addresses and other times they lead to rented warehouses across the United States. From there, Crooks would hire shipping shipment services that specialize in sending goods to West African countries such as Nigeria and Ghana, where gear ends (likely to be sold).
The victim, on the other hand, never gets their money as the scams just disappear.
Proofpoint also stated that shipping shipping services probably do not even know that they are transporting stolen goods and that people living in houses listed as a shipping address may be scammers, or former fraudsters themselves want to pay a debt.
The researchers also said that they spur and block E emails associated with RFQ fraud groups, and collaborated with the company’s Depchedown -Team to successfully get down over 19 domains associated with these fraud.
