Bumbling fraudsters fail to dupe 'Westcost' customers

But channel warned of spike in more sophisticated scams


Fraudsters masquerading as British distie giant Westcoast failed in their attempts to convince resellers to redirect their payments for products and services to a dodgy bank account, the company has confirmed.

The scam was initially spotted by some of Westcoast's customers, who then contacted the distributor. The company has since notified the police and the rest of its clients.

Alex Tatham, sales and marketing director at Westcoast, said trade clients received communication on headed letter paper informing them to send payments to a new "Westcost [sic]" account.

"The letter stated 'Please change your systems so that payments are made into this particular bank account'," he confirmed.

Tatham said the fraudsters were not successful but urged others to remain on the lookout for swindlers: "The channel should maintain a wary eye," he added.

Historically distributors had been heavily targeted by fraudsters due to the scale of their business, but have in recent years developed systems and processes that stymied the effectiveness - so much so that the focus of those shady characters is shifting to resellers.

Fraud is a growth industry, said Alan Norton, head of intelligence at credit reference agency Graydon UK.

Norton said: "We sent out 50 fraud alerts on specific different threats in the IT channel for Q1".

And not all the attempts scams are as poorly executed as the one against Westcoast.

Norton said the methods are evolving - when criminals place orders with distributors or resellers, posing as a company they've researched on Companies House - which they have sometimes hijacked* - they now tend to haggle on price.

He added that the offer of high profit margins for hardware - in an industry where prices and margins are typically falling - was "historically a warning flag" that an order might be too good to be true.

"But now fraudsters have cottoned onto this and will haggle over price to give the order more credibility - this is the first time we are seeing this," said Norton.

P&G Receivables Services runs regular channel forums and at the most recent one, a couple of weeks back, fraud was a hot topic, said divisional director Laurie Beagle.

"All the while there is a recession, fraud is seen as a relatively soft crime from the point of view that if you walk into a bank with a sawn-off shotgun and get caught you'll go to prison for years.

"Fraudsters in a number of cases don't get caught, and if they do they don't get heavy penalties, it's seen as a victimless crime but that is nonsense," he told The Channel.

Eddie Pacey, a near 20-year veteran of credit functions within IT distribution, and now MD at consultancy EP Credit Management, said fraud was certainly more noticeable when times are tough.

"The IT sector in common with others is fertile ground whether one considers third-party fraud, internal fraud, 'long' firm fraud, accounting irregularities, tax avoidance, VAT and HMRC fraud, company hijack, identity theft or the new threats of cybercrime and security," he said.

Pacey added that the only type of fraud in the channel that is in decline is "good old fashioned 'ram-raids' as no one these days keeps inventory." ®

* The fraudsters file some accounts as the company, apply for credit, pay for the first series of orders and then run the scam on subsequent orders.

Similar topics


Other stories you might like

  • Moscow court fines Pinterest, Airbnb, Twitch, UPS for not storing data locally
    Data sovereignty is more important than Ukrainian sovereignty

    A Moscow court has fined Airbnb, Twitch, UPS, and Pinterest for not storing Russian user data locally, according to Russian regulator Roskomnadzor.

    The decision was handed down by the Tagansky District Court of Moscow after the four foreign companies allegedly did not provide documents confirming that the storage and processing of Russian personal data was conducted entirely in the country.

    Twitch, Pinterest and Airbnb were fined approximately $38,500 while UPS received a fine of roughly $19,200.

    Continue reading
  • Israel plans ‘Cyber-Dome’ to defeat digital attacks from Iran and others
    Already has 'Iron Dome' – does it need another hero?

    The new head of Israel's National Cyber Directorate (INCD) has announced the nation intends to build a "Cyber-Dome" – a national defense system to fend off digital attacks.

    Gaby Portnoy, director general of INCD, revealed plans for Cyber-Dome on Tuesday, delivering his first public speech since his appointment to the role in February. Portnoy is a 31-year veteran of the Israeli Defense Forces, which he exited as a brigadier general after also serving as head of operations for the Intelligence Corps, and leading visual intelligence team Unit 9900.

    "The Cyber-Dome will elevate national cyber security by implementing new mechanisms in the national cyber perimeter, reducing the harm from cyber attacks at scale," Portnoy told a conference in Tel Aviv. "The Cyber-Dome will also provide tools and services to elevate the protection of the national assets as a whole. The Dome is a new big data, AI, overall approach to proactive defense. It will synchronize nation-level real-time detection, analysis, and mitigation of threats."

    Continue reading
  • Intel to sell Massachusetts R&D site, once home to its only New England fab
    End of another era as former DEC facility faces demolition

    As Intel gets ready to build fabs in Arizona and Ohio, the x86 giant is planning to offload a 149-acre historic research and development site in Massachusetts that was once home to the company's only chip manufacturing plant in New England.

    An Intel spokesperson confirmed on Wednesday to The Register it plans to sell the property. The company expects to transfer the site to a new owner, a real-estate developer, next summer, whereupon it'll be torn down completely.

    The site is located at 75 Reed Rd in Hudson, Massachusetts, between Boston and Worcester. It has been home to more than 800 R&D employees, according to Intel. The spokesperson told us the US giant will move its Hudson employees to a facility it's leasing in Harvard, Massachusetts, about 13 miles away.

    Continue reading
  • Start using Modern Auth now for Exchange Online
    Before Microsoft shutters basic logins in a few months

    The US government is pushing federal agencies and private corporations to adopt the Modern Authentication method in Exchange Online before Microsoft starts shutting down Basic Authentication from the first day of October.

    In an advisory [PDF] this week, Uncle Sam's Cybersecurity and Infrastructure Security Agency (CISA) noted that while federal executive civilian branch (FCEB) agencies – which includes such organizations as the Federal Communications Commission, Federal Trade Commission, and such departments as Homeland Security, Justice, Treasury, and State – are required to make the change, all organizations should make the switch from Basic Authentication.

    "Federal agencies should determine their use of Basic Auth and migrate users and applications to Modern Auth," CISA wrote. "After completing the migration to Modern Auth, agencies should block Basic Auth."

    Continue reading

Biting the hand that feeds IT © 1998–2022