Here’s how it works:
The object of the Scam is for the Scammers to receive easily re-sellable goods from legitimate businesses. The Scammers find suitable targets online and then send out enquiries to web stores for goods, typically brandname stuff that has a ready market. If they recieve a shipment then they quickly re-sell the stolen goods, perhaps on the Dark Web.
By all accounts, the “Purchase Orders” being issued with this particular scam are pretty convincing, but there are a number of indicators to look for:
- Whilst people listed on the PO may actually have genuine roles with The University of Sydney, the email addresses listed on the PO have been changed subtly from the official email addresses listed on the University website. Sometimes the differences may only be one character.
- The Phone numbers listed on the PO are not connected – clearly the Scammers are banking on the fact that no-one will try and ring!
- A Shipping Address in Queensland was given on the PO which seems strange in the circumstances.
When the genuine University of Sydney was contacted about this incident, they confirmed that they had been receiving “several calls a week” from hopeful suppliers to The University that had been fooled by the email scam. The incident has now been reported to the Australian Cybercrime Online Reporting Network www.acorn.gov.au and Queensland Detectives are investigating.
Australian businesses lost money on this scam in two ways:
- Some Businesses actually sent stock out to “The University”.
- Some other Businesses did not send stock out to ‘The University” but nevertheless purchased stock from their suppliers to meet the “Purchase Order”. They now need to either sell or return the stock.
