Multiple federal agencies have issued a joint cybersecurity advisory (CSA) warning the food and agriculture sector about incidents of criminal actors using business email compromise (BEC) tactics to steal food shipments.
The advisory focuses on criminals who use BEC to impersonate employees of legitimate companies to order food products. “The victim company fulfills the order and ships the goods, but the criminals do not pay for the products,” the advisory states.
“Criminals may repackage stolen products for individual sale without regard for food safety regulations and sanitation practices, risking contamination, or omitting necessary information about ingredients, allergens, or expiration dates. Counterfeit goods of lesser quality can damage a company’s reputation.”
The Crime
Threat actors usually create email accounts and websites that closely resemble a legitimate company. Some even gain access to a company’s email system for sending fraudulent mails.When communicating with the victim company, criminals make use of actual employee names, thereby strengthening the validity of the scam. Company logos are copied to ensure the authenticity of emails. The criminals then falsify credit applications, and deceive victims into extending credit.
In August 2022, a food distributor supplied two full truckloads of powdered milk in response to a request that seemed to come from a multinational snack and food beverage corporation. It was later found to be fraudulent, with scammers having used an email with an extra letter in the domain name. The victim firm had to cough up $160,000 for the shipment from their supplier.
Recommendations and Potential Rise in BEC Scams
The advisory recommended multiple mitigation options, including independently verifying contact information provided by vendors or customers, carefully checking email IDs and hyperlinks for variations, conducting web searches for your company to identify similar domain names that could be used in a scam, and educating employees about BEC scams as well as preventive strategies.The increasing attention on ransomware has made many governments take strict action against such activities, he noted. As such, the return on investment for ransomware attacks for scammers is going to be negatively affected, which could boost BEC attacks.
“Ransomware actors are not going to say, ‘Oh, hey, you got me’ and go away. So it’s possible that you would have this new threat where you have the more sophisticated actors behind ransomware campaigns moving over to the BEC space where all the money is being made,” Hassold said.
