Over the past month, business has been painfully slow for most companies but it’s a busy time for cyberthieves. Scams involving email orders are on the rise as distributors and suppliers, eager for business, may relax their usual safety procedures and overlook the red flags in hopes of landing new business.

One such scam has recently been reported involving an elaborate phishing scheme targeting buyers and sellers of personal protective equipment (PPE) and involving a seasoned industry distributor and an importer previously used by the distributor.

In short, the distributor received an email from the importer looking for a buyer for three million available N95 face masks that were shipped from China. The distributor, Tonia Allen Gould, CEO of Tagsource, LLC, was intrigued and began asking questions. She quickly realized something wasn’t right and did her own sleuthing to confirm it was a scam. She offers a warning to other industry companies to be wary of unexpected orders that look too good to be true. “The promotional products industry is ripe for the picking because we have buyer/distributor/supplier/importer/factory relationships,” she says. “We are one industry that has the full supply chain in our back pockets.” Read more on her blog here.

In general, know what to look for whenever doing business online:

  1. Look for poor spelling or grammar.
  2. Notice whether they ask for personal details in an email; your bank will never ask for security information or account information in an email.
  3. Don’t open attachments or click links if it’s from someone you don’t know or if you are not expecting it.
  4. Be wary of orders from new customers submitted through your website. Scams often start with asking for a quote on a large quantity of items, especially USB drives and blank t-shirts.
  5. Do not reply to spam. Educate your staff on this practice, too.
  6. Practice good security measures. For example, create a strong password and do not reuse your email password on other services. Enable encryption in your email settings. Use antivirus software and keep it updated, and set Windows to automatically update or install all security updates. Use a reputable company to host your email and ecommerce.
  7. When shipping offshore, be wary of a shipping address that is a private residence.
  8. Research the address on Google Maps, which often provides snapshots of what a building looks like. Sometimes this step can help filter out fraudulent orders.
  9. Check the company’s website to ensure that the address and phone number match the information on the order. Click links on the website to make sure it’s legitimate too.
  10. Scammers almost always pay by credit card. Before you establish open credit for an unfamiliar company, look it up in Dun & Bradstreet.
  11. Be sure the company is legitimate by checking it out on Google and then calling to check.
  12. Generic domain email addresses such as @hotmail.com are often tip-offs to a scam. Check it out first.
  13. Use caution if the requester offers to pay immediately by credit card or requests immediate shipment.
  14. Know the person or company to whom you are selling. If you don’t know them, find someone you know who does.