Food industry targeted by BEC scams to gain physical goods

Get in Touch

Get in Touch

Overview

Several food manufacturers in the US have fallen victim to business email compromise (BEC) scams resulting in the loss of several hundreds of thousands of dollars of products. To date, the single item targeted as part of this campaign has been powdered milk.
In one instance a supplier lost US$160,000 worth of product as a result of a fraudulent purchase order, while another lost several shipments totalling nearly US$600,000 without realising there was an issue until invoices were challenged and payment wasn’t received.

Background

The targeting of the product may not be intrinsically obvious; however, it reaches back to a 2008 scare in China where melamine was mixed with powdered milk. As a result, six children died and thousands more were hospitalised. This led to Chinese parents being wary of domestically produced powdered milk and a significant uptick in the use of foreign brands. As a result, these brands command a higher price, and this trend in preference and price continue to this day.
In 2019 an organised crime group in Australia was broken up by law enforcement. The gang’s modus operandi was to shoplift powdered milk and to resell it overseas. At the time it was estimated that the gang had stollen AUS$720,000 worth of milk powder.

Threat Landscape

Cybercrime is always evolving and the loss of physical goods as a result of it is nothing new. The scale and targeted industry sector, however, are. Given the level of success of the scam and inflation / cost of living increases, it is expected that attacks of this nature are likely to increase, and the targeting of the sector is likely to broaden. Indeed, in one instance in August 2022 a similar BEC scam was detected by a supplier which requested a literal truckload of sugar.

Get in Touch

Food industry targeted by BEC scams to gain physical goods

Overview

Background

Threat Landscape

Potential Impact

Sources