We are all familiar with the famous Nigerian prince emails. This is the way it works: a Nigerian prince would send you an email explaining that he is in a bit of a jam. All he needs, is for you to send him $1000 dollars so that he can regain access to his billon dollar bank account. In return for your help, he promised you $20 million. That sounds almost too good to be true, and that’s because it is. It’s the classic Nigerian scam.
These scams have been a massive success. Estimates of the total losses due to the scam vary widely since many people are too embarrassed to admit that they were stupid enough to fall for it in order for them to report the crime. A United States government report in 2006 indicated that Americans lost $198.4 million to Internet fraud in 2006. That same year, a report in the United Kingdom claimed that these scams cost the United Kingdom economy £150 million per year. That’s data from 2006, imagine what the numbers are these days.
Luckily, over the years, most people became aware of the scam and automatically deleted all such emails. It makes sense, why would you send money to some stranger you’ve never heard of? So the success rates of the Nigerian scam took a nosedive. The scammers decided it was time to head back to the drawing board and find a new strategy. It seems that the Chinese have come up with the solution.
Say hello to the Chinese Vendor Hacks (CVH). The Chinese understood that asking the marks to give you their details/money isn’t going to cut it. So what is the only logical solution? Make the people come to you. Make the people send you the email and have them ask you where to send the money.
So how does it work?
The Chinese hackers take control of a vendors email account and elegantly divert the customers money that was meant to buy goods, into the hackers private accounts. These days, a massive amount of commerce is done online with vendors that we never talk to on the phone or meet in real life face to face. That’s the beauty of this scam. The hackers wait for orders to come in, send the customer an email from the vendors official email account and make up an excuse explaining that the payment needs to be sent to a different account. As the customer is the one that came to the vender on his own free will, it’s unlikely that he will suspect anything. The hackers would explain that the funds need to be sent to their new account, you innocently send them the money and that’s that. The money is gone and the product you wanted to buy will never be sent.
Is there any hope?
Actually, yes! A recent Shanghai court ruling states that a victim that acted based upon the instructions in an email that was sent from the vendors account, the said victim has held up his part of the contract. Therefore, the vendor needs to keep up their end of the deal and supply the goods even if the money was sent to the hacker. This case is a surprising ruling considering recent proceedings in China.
Let’s avoid the courts all together. How can I avoid this scam as a buyer?
1. Thoroughly inspect a new supplier before you begin working with them. Go on Google and type in the vendor’s name with the the phrase “scam” and see if anything comes up. If possible, also talk to friends or business partners that may have used the vendor is the past and see what they have to say.
2. Meet the supplier face to face or conduct a video call if at all possible. If this isn’t possible, you could try and find a trustworthy contact in China and get them to check out the vendor for you.
3. Start small and place a small test order. If something goes wrong it won’t be a big hit.
4. If possible, review the order details on the phone. Call the vendor and confirm payment methods.
5. Whenever there is a deviation from the normal course of payment speak to the vendor and confirm that this change is proper and kosher.
6. If you are suddenly contacted by a new contact person from the vendor that claims that the previous one resigned, call the previous contact person and confirm this.
7. Use common sense.
