Fraudsters are targeting channel firms in a new scam which sees them stealing distributor log-in details and ordering thousands of pounds of goods, for which the resellers are billed.
So far it is estimated that between 10 and 15 resellers in the south have been hit by the fraudsters in the past couple of weeks, with as much as £900,000 worth of kit, mainly Apple products, being stolen.
The fraudsters are believed to be targeting all the major distributors, including Computer 2000 (C2000), Ingram Micro and Micro-P.
One sign that a firm is being targeted is the start of a massive spam attack on a reseller’s email system, which leaves the distribution account holder unable to send or receive emails for a prolonged period of time, and which hides any invoices resulting from the criminals’ activities. By the time the system returns to normal and any invoices are found, it is often too late.
The police are aware of the problem, but as yet have not responded to CRN’s enquiries.
Chris Calvert, managing director of VAR Millgate Computer Systems, said both resellers and distributors should be on their guard for these fraudsters after he was stung a couple of weeks ago.
“We never place a £15,000 order online without negotiating special pricing, but they spread the orders around, putting smaller orders through and somehow got away with it," he said. "The invoices then came here, which is when we found out what had been happening.
"We are lucky because we have taken out insurance against this kind of thing because we have been hit by fraudsters before, but smaller resellers could be wiped out by this criminal activity if they are stung," he warned.
“We are not sure exactly how the criminals are getting log-in details, but they may be sending out phishing emails purporting to be from distribution. I would urge everyone to be extra vigilant and for distributors to check all their orders extra carefully and be on the lookout for abnormal or unusual orders. These people have obviously found a weakness that they are exploiting.”
Andy Dow, marketing director at C2000, said the firm already had tight security procedures in place and has put extra security precautions around accounts as a result of this activity.
“It is very important that distribution right now works to do everything it can with resellers to make sure everything is as secure and safe as possible,” he said. “We have a system that restricts buying to IP addresses and we are urging everyone to sign up to this. There are more electronic safeguards than ever before and we now know what to look for with these fraudsters and when to be nervous. We are keen to work with any resellers concerned about this particular fraud to guarantee their security.”
Mark Kahr, marketing director at Micro-P, said there will always be fraudsters, but he was confident the company is fighting them effectively.
“We have had fraudsters trying it on for a while, but we have a system of checks in place and we will only deliver to the exact address on the card with all first deliveries. We will not deliver to home addresses or other addresses until subsequent orders, and only then after we are satisfied with all the security checks," he added.
“Fraud is definitely not up this year and bad debt is flat as well, so we are on top of things. We have 20 people working on accounts receivable and keeping their eyes out for any fluctuations so we are able to spot any abnormalities and keep the fraudsters at bay.”
UK-based MSP snaps up Qunifox, bolstering its Benelux arm to 125 employees
Credit guru Eddie Pacey emphasises that good credit control is vital as he reminisces on a case involving an Essex-based reseller
Customers offered trade-in discount of up to 30 per cent as part of vendor's new channel recruitment programme
From whaling and USB attacks to third-party exploitation, what will be the biggest threats facing end users next year? We asked execs at eight cyber-security resellers and consultancies to name their picks