The US Department of Homeland Security (DHS) has issued a fraud alert after discovering an international fraud ring has been impersonating government officials to steal computer equipment from suppliers.
Various members of the ring, based in Atlanta, Georgia, have impersonated a DHS procurement official to obtain goods, according to the DHS’s Office of Inspector General (OIG).
Members of the gang have also been “stealing electronic equipment intended for other Federal agencies,” it said.
The US Departments of Commerce, Defense, Housing and Urban Development, Justice, Labor, and Transportation; as well as the Federal Deposit Insurance Corporation, the Securities and Exchange Commission and the Railway Retirement Board, have been targeted.
Numerous attempts have been made to steal equipment, with invoices worth as much as hundreds of thousands of dollars in some cases.
In its warning, issued last month, the OIG did not disclose details of how much has been stolen.
However, it revealed that in at least one case, a buyer refused to purchase the stolen goods from a fraudster when he saw “U.S. Department of Homeland Security” on the boxes of equipment.
The fraud scheme involves the gang identifying federal government solicitations for computer equipment, in most cases laptops, hard drives, and smart phones.
They then fax or email fraudulent requests for quotations (RFQ) to government suppliers using the name of a legitimate government procurement official but a false phone or fax number.
Email addresses designed to closely resemble those of U.S. government agencies, with domain names such as “rrb-gov.us” are used in the scam.
“Alternatively, the email’s ‘From’ header displays a legitimate government email address, but the Reply-To header is a slightly different, non-government email address,” said the OIG.
“In some cases, the fraudsters avoid email and insist on communicating by fax.”
The fraudsters respond to any quotations they receive by sending fraudulent purchase orders including delivery addresses that often turn out to be abandoned commercial properties.
“When the fraudsters receive the shipment, the ringleader decides whether to sell the equipment in the United States or ship it to Nigeria for resale."
Suppliers receiving a RFQ for electronic equipment that appears to come from the US government should independently obtain the phone number for the listed procurement official and call them to confirm the request is legitimate.
The fraud warning also advises that they should only respond to emails when the sender’s domain and the Reply To header end in “.gov” and beware of officials who refuse to communicate by email.
In addition, suppliers should be alert to warning signs such as “typographical errors, unusual language, and distorted US government seals and other graphics.”