October 10, 2022
Email Spoof Scam Tries to Swindle Promo Company, Employee Out of Funds
A firm that specializes in recruitment for the promo products industry nearly fell prey to a scheme that could have conned the business – and one of its employees – out of thousands of dollars.
At first look, the email Kevin McHargue received from his supposed employee seemed innocuous.
The woman, or so he thought her to be, said she was changing her bank account number, bank routing information and tax withholding status. Knowing the employee was getting married soon, McHargue didn’t think much of it and prepared to make the changes.
Only, as the co-founder of PromoPlacement would soon learn, it was all a scam orchestrated by crooks intent on conning the company and the employee out of hard-earned cash.
“Thankfully we caught this in time,” says McHargue, whose Missouri-headquartered firm specializes in recruitment and employee placement within the promo products market. “If we hadn’t, every dollar owed to this employee would have gone to a phantom scammer.”
Cons targeting the promo industry have been proliferating of late. This particular attempt didn’t fit the pattern of those other schemes, which generally have involved fraudsters posing as real people in purchasing positions at companies and educational institutions and then trying to get promo distributors to ship large quantities of product for which the hucksters never pay. Indeed, there’s mounting evidence that an organized racket is systematically targeting promo with those swindles, some industry executives believe.
While there’s no evidence that the scam directed at PromoPlacement had any connections to these other cons, particularly as such a scheme could be perpetrated against any company in any industry, McHargue says promotional products companies should be aware that this type of fraud is circulating.
“If you don’t catch it, it could be a big deal,” McHargue asserts. “I doubt insurance would have covered us, had we sent money to the scammers. And we of course would’ve made our employee whole. That could add up quickly.”
In the PromoPlacement incident, the employee works remotely, which in a way facilitated the scam, as communication was often through email.
After McHargue received the initial message, he followed up with who he thought was the employee to obtain the new bank information. Receiving no reply, he called the employee. She responded that McHargue must have her confused with someone else, for she’d requested no such change.
The scam unraveled from there.
The employee reviewed the email from the con artist and confirmed it was not from her. Patrick McHargue, PromoPlacement’s director of talent, analyzed the email address on the message from the fraudster and realized that it closely mimicked the employee’s actual email address – but was different. It was a case of spoofing, a form of cyberattack in which a hacker sends an email that has been manipulated to seem as if it originated from a trusted source.
“Don’t be fooled just because the sender name is someone you recognize,” says McHargue. “Review the email address and compare it to the one you already have for the person who is supposedly contacting you.”
McHargue learned other lessons from the experience, too. “We’ll never consider a change request like this through email again,” he says. “Everything will be verbal.”
In an odd twist, McHargue subsequently received a spoof email from a scammer posing as another PromoPlacement person, also notifying of an upcoming banking information change. This time, there was no delay in spotting the attempt at a hoodwink. “It was,” he shares with a dry laugh, “from me. Or rather, someone pretending to be me.”