Coronavirus Crooks Go Shopping On MSP’s Dime, Ingram Micro Warns

“We’ve seen two of these. We know there’s going to be more attempts,” Eric Kohl, vice president of the advanced solutions, networking and security business at Ingram Micro, told CRN.

Ingram Micro is warning solution providers about fraudulent orders as scammers have already seized on the coronavirus pandemic to try to score in-demand items such as laptops and tablets -- and charge them to the partner’s tab.

Eric Kohl, vice president of the advanced solutions, networking and security business at Ingram Micro, said in two recent cases, the distributor’s sales associates discovered a fraudulent order from an end user that slipped past the partner.

“These are two tenured sales guys who know their customers,” Kohl said. “They just felt it was unusual and they know what to look for … They’re looking at the address where it’s shipping to. They’re asking questions.”

In one case, a sales associate called the solution provider about a suspicious order of more than $100,000.

“The guy said, ‘This is legit. I always work with this guy,’” Kohl said. “They said, ‘Look, just do me a favor. Call him up.’”

It turns out the customer who appeared to have placed the order had their email compromised and the order was fraudulent, Kohl said.

That “would have put that solution provider in a tough position,” he said. “It’s our opportunity to do a public service announcement to the solution provider community.”

Kohl sent a letter to partners Monday warning them to be wary of unsolicited orders from new customers, or customers who agree to any price point, ordering items that are not in the partner’s area of expertise, or overnight orders with no concern for costs.

“We wanted to warn our partners proactively. We’ve seen two of these. We know there’s going to be more attempts,” he said. “We want to make sure our partners are validating because we’re in a totally new work format than we’ve ever been in.”

Kohl recommends doing some basic internet checks to make sure an order is legitimate--such as running a search for the shipping address to see if it lines up with a corporate address of the customer and making sure the customer’s email address matches their company’s domain name. To get a sense of where the package is headed, resources such as Google Earth can be used to look at the surroundings to make sure it’s not being dropped off at an abandoned warehouse.

“Where’s the ship to address? [Is it] an empty warehouse, or an old gas station, or [is it] something that is easily accessible by the bad guys?” Kohl said.

The scheme that Kohl’s team intercepted is particularly ghoulish because it uses the helpful spirit of solution providers and distributors as they have undertaken the monumental task to shift the nation’s workforce to remote offices – which often means large, unexpected orders and overnight deliveries.

Frank Vitagliano, CEO of the Global Technology Distribution Council, said he has seen similar cheats during his time with vendors and as a solution provider. He said criminals seize on a crisis and use it to begin probing for weak spots.

“There’s a lot of chaos, a lot of uncertainty, and people are thinking about a lot of different things, like, ‘How do I survive?’ [and] ‘How do I make sure I get product to a solution provider who is desperately trying to get something done?’” he said. “There are so many different focuses right now, that sometimes the bad actors view it as an opportune time to go and accelerate their activity.”

Kohl said his team is doing everything it can to ferret out bad orders before they happen and he is asking partners to do the same.

“We’ll be the second line of defense. Let’s work together so it doesn’t happen. Hey, it’s a great time for a video call with your customer. It’s a great time for a phone call. None of us are on airplanes,” he said. “Let’s take the time to make sure we’re looking into these things.”