Michelle Tzhori  is a Partner at Shibolet & Co.  responsible for managing the firm’s China Desk in Shanghai .

We had wired a deposit of $$$ based on a purchase order issued by a Chinese supplier:

  1.  with whom we have been doing business for many years now; or-
  2.  whom we have met at a fair in China; or-
  3.  whom we sourced through XYZ platform;

sometime later we have realized that we are a victim of an internet fraud”. We have been hearing this kind of complaintsincreasingly in the past few years. Due to language and cultural gap, and the far away distance between the manufacturing world arena, China, and the entity, which places the order, trading transactions with Chinese suppliers are becoming more and more internet-drivenand are being conducted through emails, Skype, file-sharing platforms etc. This relatively new practice provides a fertile ground for imposture. In one case, a buyer communicated with his long-term supplier for a repeat order related to aproduct that has been consistently ordered from the same supplier on a bimonthly basis. Once the technical details and packing instructions were concluded, the supplier asked for a deposit. The buyer has neither hesitated nor questioned this request, as it was inline with his past experience with this supplier. The supplier gave the buyer the details of his new bank account and the buyer wired the deposit. It was only two weeks later – pursuant to a phone call with the supplier, intended to clarify some delivery details – that the buyer realized he was cheated.

In another case the order was placed via email and the supplier provided his bank account details. A day later the supplier updatedthe buyerthat the transaction wouldbe done through an affiliated entity within the same group. New bank account details were exchanged and the buyer paid the deposit to the new beneficiary. Needless to mention, the new beneficiary was an imposter and the money was paid in vein.

This kind of cases sprout from the same field of hackers. These hackershack to a supplier’s email account, readthrough his emails, learn the details of a negotiateddeal, imitatethe supplier’s writing style andsend emails from the supplier’s email account or from a personal email account which username is similar to the supplier’s domain. The hacker later on provides new bank account details while giving an excuse to why the previous bank account is inactive or cannot be used, and eventually collect the proceeds of the deal on the supplier’s behalf.

From this point onward the consequences vary. In few cases the fraud was revealed a week or longer after the remittance of funds. By that time, the hacker has already withdrawn the funds from his bank account and vanished. All was left for the parties to do was to file a complaint at the local police and hope the case will be ‘spicy’ enough to win the police’ attention.

In another case the actual supplier himself called the buyer to discuss some issues related to the order. In this phone call the buyer informed the supplier that he remitted funds and immediately realized the fraud. Through speed communication with the banks the buyer was able to block the bank account of the hacker in China BEFORE funds were withdrawn from the bank account.

Internet fraud in China is not rare and does not reflect on your professional skills. It can happen to anyone but can be prevented or managed. In order to reduce your risk we recommend the following:

For an inception of business with a new supplier:

  1. Conduct an initial due diligence on such supplier. Obtain information and references on the supplier from various sources. Conduct this stage the same way you hire new employees.
  2. Meet the supplier face to face or conduct a videoconference. Nominate your trustworthy representative in China and have him visit the supplier in his factory or showroom.
  3. Place a test order with minor dollar amount. If something goes wrong it will not involve a substantial loss.

For ongoing business with a long-term supplier:

  1. Always backup your modern e-commerce with the old methods of communication. Call the number on your supplier’s name-card; review the order details on the phone; discuss payment methods and let the supplier know the date of the coming payment.
  2. Whenever there is a deviation from the normal course of payment – whether a new requirement for payment terms, new beneficiary name, new bank account details etc. – be alerted! Double-check that you are communicating with your supplier. Investigate what stands behind the change. Speak to your normal contact person to understand the change.
  3. When your contact person changes suddenly, with the new person explaining that the previous one resigned, call the previous contact person.
  4. Upon the fund remittance, notify the supplier of the payment, via phone.
  5. If you are a victim, act quickly. The date you have traced the fraud is of high importance. Within few days from the remittance date you can still block the bank account of the imposter and freeze the funds. This step can be promptly executed through efficient swift correspondences between the banks. Simultaneously, your supplier must place a complaint at the local police. This complaint shall allow the beneficiary bank to release the funds held in the imposter’s account back to your account.
  6. In any case, place a complaint at the local police and make sure the police starts investigating the case. It is only the police who can trace a hacker, force the bank to reveal documents, and find the identity of a hacker.

The simplest way is not always the safest one. Do not make shortcuts. Invest precious time checking your supplier and following up on every step in the business transaction, and ifyou did fall, do not hesitate to grab the hand of a professional that can assist.

News