I had the pleasure of hosting a Procurecon 2012 conference track on Risk & Continuity last week in Atlanta. It was a very interesting show with a great deal of interest from attendees in sharing ways to deal with various elements of supplier and supply chain risk. While we heard a lot about the usual suspects of financial, compliance and environmental risk, one session in particular raised a new issue for me… Corporate Identity Theft (CID).
Dan Waksman, Corporate Purchasing Manager at Yokogawa Corporation presented the challenges he has faced with corporate identify theft at Yokogawa. What is CID? Best explained with Dan’s example in is own words:
“I received an acknowledgement for $28k worth of goods from a supplier I hadn’t used in a while. I realized immediately it was not something we normally order and called the company to tell them not to ship the material. Later I found we had become part of an elaborate scam. The scammers had done their homework on our company. They set up a fictitious web site that looked very similar to ours. They then set up emails and phone numbers with my name and our accounts payable managers name that looked very similar to ours. The phone numbers were set up with a message stating it was me.
The scammers also set up people around the country where they have the goods shipped to then have it forwarded overseas. These people are also victims of their scam thinking they are starting a forwarding business and will get a commission to ship goods. Once this is done, the scammers send out emails to unsuspecting companies requesting credit. If credit is approved, they then place PO’s typically for computer equipment and supplies with invoices direct to the company requesting shipment to a third party.”
Dan went on to say that local law enforcement can’t deal with the problem since the scammers are located elsewhere and use disposable cell phones. The FBI is only interested if the amount of the scam is greater than $10 million. Otherwise, they offer a website for documenting the scams so that others can reference them.
So take a look at your order confirmation and ASN processes to be sure you have the ability to catch this kind of fraudulent activity.