Suppliers Have Procurement Cycle Risk, Too

Jefferson Santos via Unsplash

Fraudsters impersonated the Department of Homeland Security, the Department of Commerce, the Department of Defense, the Department of Housing and Urban Development, the Department of Justice, the Department of Labor, the Department of Transportation, the Federal Deposit Insurance Corporation, the Securities and Exchange Commission, and the Railway Retirement Board to steal hundreds of thousands of dollars in equipment from suppliers to the US Government.

In an extreme example of phishing, the perpetrators pretended to be procurement officials from these organizations, using the names and “from” addresses of actual staff, with RFQs. Vendors ended up shipping IT gear to “abandoned commercial property”, including “laptops, cellphones, and hard drives.”

According to the Office of the Inspector-General:

“The RFQs use the name of a legitimate government procurement official but include a phone or fax number associated with the fraudsters. They also use email addresses that spoof U.S. government agencies, with domain names such as “rrb-gov.us.” Alternatively, the email’s From header displays a legitimate government email address, but the Reply-To header is a slightly different, nongovernment email address. In some cases, the fraudsters avoid email and insist on communicating by fax.”

On the face of it, it is difficult to believe that this kind of online fraud still succeeds. We’re inundated with this stuff at industrial scale.

Yet, sophisticated suppliers still got pulled into this con and their equipment ended up shipped to Nigeria for further resale.

It is even more difficult to believe in the case of government agencies who are much less likely to solicit RFQs and RFPs directly with vendors than they are to post these requests to government websites.

Corporations and other commercial buyers are much more liable to this kind of risk given that they solicit suppliers directly, often by email or fax.

Guess what? Suppliers will price in the risk that they are self-insuring. Is there a risk that this request is from organized crime? Is there a risk that, even if it is from a legitimate source, the supplier’s proprietary information is divulged to its competitors by a government employee? Is there a risk that the RFP has been “wired” for a competitor? Is there a risk that the supplier will spend thousands of dollars on composing a response that turns out to be a false-flag effort to get competitive information?

EdgeworthBox is a simple way to simplify the experience for suppliers, even as you lower the risk they need to manage. It’s a secure platform so that your suppliers (and suppliers on the platform whom you hope will become your suppliers) can see that you have posted the RFP or RFQ. Your suppliers can contact you using the platform’s messaging functionality, further verifying the legitimacy of the post. Our “network-based sourcing™” approach combines features from financial markets with a marketplace to make sourcing simpler, fairer, and faster. These include a central clearinghouse for administration, a central clearinghouse for data, and social networking tools. We believe that when buyers make it easy for sellers to give them what they want, everybody is happy. Let’s have a chat. We would love to share you with the lessons we have learned.

Founder & CEO, EdgeworthBox. Investor and entrepreneur. I want to change the RFP business process.

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

Hacking? Hacker? What?

HackTheBox: Optimum

{UPDATE} 跳躍過馬路-青蛙躲避大作戰 Hack Free Resources Generator

Easy censorship-resistant communication with Syndie

Fraud revention

170,000 Popeyes customer accounts were exposed

Desert Finance Airdrop

Launching Vulcan Cyber

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Chand Sooran

Chand Sooran

Founder & CEO, EdgeworthBox. Investor and entrepreneur. I want to change the RFP business process.

More from Medium

Smart innovations for construction — RG Group

Chegg Product Overview

What is Strategy?

ViSi Mobile System for Vital Signs