B2B Payments

Anomali Identifies Scam To Steal Gov't Procurement Site Credentials

Procurement BEC scam

An unidentified group is reportedly putting much effort into a complicated scam to steal the login credentials of government personnel. The targets are procurement websites in which governments place notices for purchasing all sorts of products such as trucks and desks, IT World Canada reported, citing a report from The Anomali Threat Research Team.

The scam begins when a company gets a bogus invitation via email to place a bid on a government contract. Companies that are typically able to view offers have registered with the government already and have made a password as well as a user name to help them log in. 

While the email contains a link to what should be a website for procurement, the victim views a convincing facsimile. The victim is then offered a choice of logging in through email credentials from providers such as Google, Microsoft and Yahoo. Anomali, a security firm, says it has found bogus websites of the U.S., Mexico, Canada, Sweden, Australia and South Africa.

Two international courier websites were also reportedly spoofed. According to the report, the scheme is complicated for companies as the fake sites’ internet addresses are convincing. And, even though none of the bogus websites are currently active, the news report notes, “that doesn’t mean they won’t be shortly.”

Anomali wrote in a document on its website, “At present, it is not clear who the threat actors are, but it does appear to be a persistent attack. Spoofed phishing site domains are hosted in Turkey and Romania. The campaign is currently dormant.” 

In separate news, researchers at Agari were warning of Silent Starling, the newest cybercriminal ring using a vendor email compromise (VEC) scam to purloin company cash from supply chains per news in October. Hackers infiltrate employee email accounts within a B2B supplier’s finance departments, with the inclusion of procurement and accounts receivable. 

Hackers spy on the email correspondents and they then use that data to write emails at strategic times, asking for an invoice payment, which is a sophisticated iteration of the business email compromise (BEC) scam that is “particularly hard to spot,” Agari noted.



The How We Shop Report, a PYMNTS collaboration with PayPal, aims to understand how consumers of all ages and incomes are shifting to shopping and paying online in the midst of the COVID-19 pandemic. Our research builds on a series of studies conducted since March, surveying more than 16,000 consumers on how their shopping habits and payments preferences are changing as the crisis continues. This report focuses on our latest survey of 2,163 respondents and examines how their increased appetite for online commerce and digital touchless methods, such as QR codes, contactless cards and digital wallets, is poised to shape the post-pandemic economy.