1 min read

Cyber Crooks Use Phishing to Steal ... Powdered Milk

Filip TRUȚĂ

December 19, 2022

Promo Protect all your devices, without slowing them down.
Free 30-day trial
Cyber Crooks Use Phishing to Steal ... Powdered Milk

The FBI and US federal regulators have issued a joint cybersecurity advisory warning food suppliers that cybercriminals are using phishing techniques to order large volumes of food and then forgetto pay for them.

The FBI and US federal regulators have discovered a recent wave of incidents involving “criminal actors using business email compromise (BEC) to steal shipments of food products and ingredients valued at hundreds of thousands of dollars.”

“The victim company fulfills the order and ships the goods, but the criminals do not pay for the products,” reads the advisory.

Criminals then repackage the products for individual sale without regard for safety and sanitation regulations, risking contamination or omitting necessary information about ingredients, allergens or expiration dates, according to the notice.

In one instance, a powdered milk supplier was left on the hook for $160,000 worth of product after responding to a fake order leveraging spear phishing techniques. Another lost $600,000 worth of shipments to a similar scam.

According to The Register, intense demand for powdered milk traces back to a 2008 incident where milk powder laced with melamine killed six children and hospitalized thousands more, leading parents to shun domestically-made milk powder and switch to foreign brands.

The advisory includes the fed’s usual list of recommendations to combat business email compromise and spear phishing, such as keeping an eye out for spoofed domains and email addresses, verifying contact information given by alleged buyers, looking for grammar or spelling errors, watching for last-minute changes in wire instructions, and more.

The notice also includes a comprehensive list of technical recommendations to IT administrators.

According to the FBI, BEC is one of the most financially damaging online crimes, netting scammers almost $2.4 billion in 2021 alone, based on 19,954 recorded complaints linked to BEC attacks targeting not just businesses but also individuals.

tags


Author


Filip TRUȚĂ

Filip has 15 years of experience in technology journalism. In recent years, he has turned his focus to cybersecurity in his role as Information Security Analyst at Bitdefender.

View all posts

You might also like

Bookmarks


loader