Fake LinkedIn Profiles Targeting Chip Buyers Used to Commit Wire Fraud
In July 2022, a buyer began communicating via LinkedIn with an individual identifying himself as "Howard Carrick". In his profile, Carrick alleges he has been employed as a sales specialist since 2006 for Express Electronics, Ltd, a well-known independent distributor in the UK (see image 1). The LinkedIn profile is professionally done and includes imagery consistent with imagery used on Express Electronics’ corporate website (see image 2).
On July 19, 2022, the buyer placed an order for 18,000 pieces of Texas Instruments part number LM74700QDBVRQ1 totaling $129,960.00. Payment terms were 20% wire transfer in advance. In response to their PO, "Howard Carrick" emailed the buyer an invoice from firstname.lastname@example.org instructing payment be wired to the following bank account:
Bank Name: Barclays Bank UK PLC
Account Number: 80299219
Beneficiary Name: Express Electronics Ltd.
Payment totaling $25,992.00 was wired as instructed.
When the parts were not delivered as agreed and emails to Howard Carrick were ignored, the buyer reached out to Express Electronics via their corporate website (www.express-elect.com) and was advised no one by the name of "Howard Carrick" is employed by their company and that they do not hold a bank account with Barclays Bank. Furthermore, emails from Express Electronics employees should originate from @express-elect.com, not @expresselect.co.uk. It was at this point the buyer realized they were the victim of a wire fraud scam.
Closer examination of the invoice revealed the company credentials (e.g. phone number and VAT number) appearing on the fraudulent invoice do not correlate with the credentials appearing on the genuine Express Electronics website (see image 3).
In Howard Carrick’s email signature, a link to a fake website appears (www.expresselect.co.uk). The website domain was registered on June 2, 2022; however, no registrant information is available. The website features Express Electronics’ actual logo and but does not at this time feature products available for purchase. Similarly, Howard Carrick’s LinkedIn profile only shows activity that began one month ago.
Once aware their company’s name and likeness had been used to defraud a component buyer, the Director of Express Electronics immediately made attempts to warn unsuspecting buyers of this scam via LinkedIn and various part search database platforms (see image 4). As of this date, LinkedIn has not removed the fraudulent profile.
Unlike other identity theft cases reported by ERAI which are initiated via an unsolicited email offering parts for sale, this scam is wholly rooted in the social media platform LinkedIn. According to a report dated June 17, 2022, the FBI warns fraudsters pose a “significant threat” to LinkedIn. LinkedIn acknowledged there has been a recent uptick of fraud on its platform and last year removed 32 million fake account last year alone.
In this scam criminals hide behind successful companies. Victims will accept invitations to connect because they believe they are connecting with a legitimate company.
The easiest way to avoid being a victim of this type of fraud is to contact the company you are about to do business with via the phone number appearing on their verified and established corporate website. Verify the person you are communicating with is an employee, confirm the purchase order you placed has been received and confirm the bank account to which you are about to wire payment is the company’s true and correct bank account.
SEE MORE BLOG ENTRIES