I was the contract CFO for a government contractor/reseller who sold Apple and other products to the government and to other government contractors. It started that summer day with an email I received from ACL’s COO: ‘Call me on my cell phone as soon as you get a chance. The FBI just stopped by our office and we have an urgent issue’. When I talked to the COO it became clear that the group of military orders recently placed for nearly $500,000 were fake.
The FBI told us that there was a Nigerian crime ring who looked online for contractors and by contacting Apple and other manufacturers to get lists of their resellers for Apple and other products. Once they determined that the reseller sold to the government, they used their inside connections at military bases to order and arrange for receipt of orders, which they would later sneak off the bases. This was done using a military-looking email address and even live phone calls. The fraudsters put together a real looking government purchase order and sent it to ACL’s office. It even had the correct contact name, Bill Anderson. ACL called ‘Bill’ and though he had some broken English, in Washington this wasn’t that unusual.
Since the military (DLA) had ordered from ACL in the past, it wasn’t that unusual to receive more orders. So after some cursory checking, the first Apple computers and ipads were shipped to a military base. Then more orders came in, for different bases. Same story. Ultimately the fraudsters paid for a small order, some $3000. This further reduced risk around the account, since it wasn’t showing as overdue. However, the orders totaled $430,000.
Finally, after talking with DLA accounting ACL realized it wasn’t going to be paid.
Examining the Facts and Piecing Together the Evidence
ACL’s staff looked closer at the emails-though having official .mil addresses, if one looked at the sent mail their true (non-government) address was visible. This form of spoofing is common and went undetected until after the fact, when it was too late. The damage had been done. The fraudsters had at least two mules: one who made the deposit for an early shipment, and another who worked at a military barber shop, who arranged shipments from the bases to a ship, bound for Nigeria. They ‘worked with’ Fedex by duping them and military shipping clerks into rerouting packages from Fedex facilities and military bases to Fedex offices where they just walked in and claimed the packages. This was done easily with the knowledge of the tracking numbers. Since the packages were addressed to ‘Bill Anderson’ they just walked in, said they were Bill, and without being authenticated, were given the packages. Neither Fedex nor DLA would take responsibility, even when sued. In fact they were tight-lipped about providing information, since they obviously were duped too by having hired criminals to work at their shipping docks and barber shops.Reasons This Fraud Was Successful
- Customer was already an approved account with NET 30 terms in ACL’s system.
- Bill Anderson was an actual employee at DLA
- The emails, phone calls, and purchase order documents seemed legitimate.
- ACL was shipping to military bases and the addresses were actual military bases which made this seem legitimate.