PDA

View Full Version : Buying from China... New Hack... $15K gone...



AL Ursich
05-07-2013, 11:01 PM
This may not be appropriate for the Engraving Thread but buying Laser Engravers from China is a topic that many follow. I recommend anyone dealing with Money Transfers to China look at a post on Engraving Etc where the email Account was hacked to miss direct a Valid Payment to a Bogus Account... Then Hacked Again to change it back... But Money gone... $15K.... Very SAD but a NEW or newer HACK to be aware of... Like posted, a Simple Phone Call confirming the numbers would be the Fix for this IF you only knew... Plus print the email as proof.

If this needs to be removed, no problem... just a FYI...:eek:

AL

Rodne Gold
05-08-2013, 3:40 AM
Can you post the actual nitty gritty details of this scam..always a worry sending big sums of money to foreign countries where language , culture , business ethics, banking systems and protection are not the same as yours...
I see some chinese laser companies are now on paypal which as far as I know , is a reasonable level of protection.

Mike Null
05-08-2013, 7:48 AM
Rodney

My take on what happened is that a bank account number was sent to a US firm by email. The US firm went to their bank and transferred the money. The Chinese firm--reputable and a long time supplier--called asking if the money had been transferred as it didn't show in their account. Somebody at one end or the other hacked the email and changed the account number. The money went to a newly established account at the Chinese bank which was closed following the transaction.

It has the odor of an inside job to me but that's just my guess.

You and I know the people involved from this end.

Dan Hintz
05-08-2013, 7:59 AM
Mike,

Can you send me a link (or non-hotlink it here in this thread)? Doing a man-in-the-middle attack on an email so the sender/recipient don't know it's happening is extremely difficult for anyone but an advanced house, so I call shenanigans on the story as it currently sits. I need more info to determine if it's an actual attack or if someone simply sent an extra email and spoofed the sending address (pretty much anyone can do that). If it truly is the former, I'll let you know, and then we all need to be very worried...

Doug Griffith
05-08-2013, 11:10 AM
I'm with Dan on the spoofing. I see it all the time and never click on a link without taking a quick glance at the address bar to make sure everything is kosher.

Mike Null
05-08-2013, 11:25 AM
Dan

I don't know what you mean by shenanigans.

I am not able to provide any info except that it appeared on the Engraving Etc forum. I do know the parties involved on this end but don't have access to their email. One thing I didn't mention is that this happened twice for a total of $15,000.

It smells to me like an inside job from the Chinese side.

They have involved police from both ends.

Rodne Gold
05-08-2013, 12:12 PM
When I placed my first import order of trophies..full 40 ft container ..I had paid the chinese agents up front 30%
I got a badly worded (which raised my suspicions) mail request for the EXACT balance due with all the bank details etc in the request - was supposed to be paid on BOL , but this was early.
I was also surprised there was No Pro froma invoice reflecting my original order , deposit paid and balance.. and I then checked and I noticed that the recipient beneficiary name and account details had changed from the first deposit and thus skyped my contact and asked WTH was going on.
They claimed their mail had been hacked and this was a false request. I got antsy and subsequently flew to China , checked my goods myself , saw them being loaded into the container , and saw the container to port of exit and I paid the balance into the agents correct account ONLY on production of an ORIGINAL Bill of lading and after the ship had departed. Never dealt with that agent again. Too casual an attitude re the hacking and I had a suspicion it was an inside job...

Dan Hintz
05-09-2013, 7:09 AM
I don't know what you mean by shenanigans.

By "shenanigans", I mean the original poster may not have truly understood what happened, and therefore the conclusion being reached was incorrect. As I said, a MITM attack is extremely difficult to do (though certainly possible), but I can easily spoof an email in 10 seconds. Unless you knew what to look for, you would swear the email was legit.

Mike Null
05-09-2013, 7:16 AM
However it was done, the emails they received had the account numbers altered and they're out $15,000.

AL Ursich
05-09-2013, 1:46 PM
Details on how it was done are still forthcoming. Hopefully this thread will help prevent a post here later, "I ordered my new Laser from China and they say they did not get the money..." It's GONE...


The LESSON HERE: Formerly Assumed Secure methods are no longer valid...

AL

matthew knott
05-09-2013, 2:35 PM
Hmmmm, we have just paid for a new laser, hope it went to the right account !!! Not sure how you can stop this if its a inside job, the problem is you can tell who you are transferring money too, Just an account number and no feedback from the account as to who owns that account or any history of it. I cant see how you would avoid this other than ringing the company and asking for the account number, and who's to say how answers the phone Isn't the same person that sent you the email! I cant believe the email was intercepted and change but i guess their email could have been hacked, if someone can see all their sales leads it would be easy to send out a false invoice with false contact details, quite scary and also probably quite an easy scam to pull. The only tricky bit is getting a bank account to use, and in china i bet thats not hard.

AL Ursich
05-09-2013, 3:31 PM
When I saw starting my business I searched for domain names one night. Found one but wanted to think about it. Next night it was taken and a "You can have this name for $1000.00 place card was in place. I picked a different name and bought it at the same time. Someone behind the scenes reading and cashing in on this....

There is a new post from another person about loosing money in the past on the other thread.

AL

Rodne Gold
05-10-2013, 3:14 AM
If someone hacked into my e-mail server with a login and password (easy to perhaps phish or use a keystroke logger find that out one way or another) they could read and reply to my mails as tho it were me.
Easy enough to send an Invoice with a fraudulent bank acct to a client for payment after finding a "live" transaction/enquiry after reding the mails...
I don't see this a problem particular to China. Could happen anywhere..

Mike Chance in Iowa
05-10-2013, 3:20 PM
This may not be appropriate for the Engraving Thread but buying Laser Engravers from China is a topic that many follow. I recommend anyone dealing with Money Transfers to China look at a post on Engraving Etc where the email Account ...

FYI. It appears that you must be a registered member ($99/year) in order to view that forum. The menu links on that home page are either dead or extremely out of date.

I'll stick with SMC. Keith and his crew do a fantastic job here. :)

Bill Cunningham
05-11-2013, 11:04 PM
Email spoofing & phishing is a problem I had when I signed up to receive payments via paypal. After signing up, I received 6 or 7 paypal phishing emails within 30 minutes, never had any before, coincidence? I think not. I got sick and tired of scrutinizing each paypal email to weed out the scammers, I decided to skip using paypal totally. I just don't need the added stress.