03.09.2024 - Overpayment scams and cheque fraud are outdated. Under such scams companies are commonly asked to purchase services from third parties that go beyond the original order. Under normal circumstances the cheque provided should cover all expenses – but in such scams there are no funds to cover the cheque. The third parties to whom the payments are made are fake companies that belong to the scammers. As cheques are now rarely used in Switzerland, scammers are testing new approaches using modern payment methods, as a case reported to the NCSC last week shows.
In a cheque fraud or overpayment scam, criminals try to buy services from a company (usually a hotel or event company) that go beyond what it normally provides. For example, the scammers may ask the company to arrange a car hire or buy meals or tickets for them. The criminals then write a cheque for more than they owe the company and ask it to pay back the excess, in some cases using a money transfer service. Later, the company learns that the large cheque it received, which was supposed to cover all costs, has bounced. Cheque fraud has become so rare that the NCSC almost never receives any reports; there has only been one case so far this year. The reason is obvious: cheques are rarely used in Switzerland. Indeed few countries still use them – France and the USA are two examples. So it is no coincidence that a cheque from a French bank was used in the report mentioned above.
Criminals are testing new scams that follow the same pattern but use digital payment methods. A new case was reported to the NCSC last week.
The scam starts with a fake international company contacting Swiss Company A, which sells wood shredders. They ask Company A to provide a quote for the purchase of ten shredders, worth around CHF 2 million. The international company makes it clear that it expects to receive a volume discount. This will be important later on. However, the purchase will not be conducted through the international company, but instead through another Swiss-based company (Company B). Up to this point, the arrangement seems plausible as there can be many reasons why a foreign company would want to do business via a Swiss-based company.
What follows, however, is very unusual. The international company insists that Company A sign a confidentiality agreement that prohibits it from contacting Company B directly. The whole process is to be conducted through the international company – in other words, the scammers. So Company A sends its quote for the shredders with a 10% volume discount not to Swiss-based Company B, but to the international company. The latter confirms that the offer has been accepted. It quickly returns the contract, signed and stamped by Company B, along with a copy of an employee's identity card. At first glance, everything seems perfectly normal and legal.
However, the international company then has another request. It wants the 10% discount to be transferred to a cryptocurrency account of its choice. Company B will then pay the full amount owing (without the discount) directly at a later date. Now the scam becomes obvious. Instead of writing a bad cheque, scammers use the name of a Swiss company and the identity of one of its employees. Contractors targeted by this new scam are asked to make advance payments to a crypto account. It is only later, when the order falls through and no money has been paid, that the scam is exposed. The alleged Swiss client (in our example, Company B) and the employee whose identity card was used have no idea about the fraud attempt.
The copy of the employee's ID that was used in the scam was probably stolen at an earlier date. It is likely the scammers researched the name of the ID holder to find out where they work, for example on LinkedIn. They were then able to build their whole story around this information.
Recommendations
- If you receive an offer that follows this pattern, do not engage further and break off contact;
- Raise awareness of these potential attack methods among all employees, especially those in finance and key positions;
- Ignore unusual payment requests;
- In the case of unusual orders within the company, check by telephone that the order is genuine;
- Be careful dealing with cheques. It can take three to four weeks before a bank can say for sure whether a cheque is covered or not. You are usually liable to the bank if you deposit a bad cheque.
Current statistics
Last week's reports by category:
Last modification 03.09.2024
