Georgia Tech Procurement Assistance Center

Search Results for: scam

Scam Alert: Malicious e-mail spoofs being sent to vendors

By

The Defense Logistics Agency (DLA) is reporting that a fake solicitation is being sent to vendors in the form of a Request for Quotation (RFQ).

The fake email solicitation, purporting to be from DLA, has been targeting GSA STARS II vendors.

The emails are not from DLA.mil.  Instead, they are coming from a “Reply-To” address ending in @dla-mil.us, which is not a government address.

In some cases, “stars2@american consultants.com” has been identified to supposedly send messages on behalf of a DLA Contract Specialist — these are also fake.

Some of the bogus emails suggest that vendors use the “stars2” Google Group at https//groups.google.com/a/americanconsultants.com to obtain more information or to unsubscribe from the email communication.  Be advised that “stars2” is not a DLA affiliated group.

Always remain cautious of emails that arrive in your inbox that are not explicitly addressed to you.  Sometimes scammers attempt to hide their actions by addressing their targets in the “bcc” line.

Also, please be aware that the phone number in these recent bogus emails is not a DLA phone number.  In addition, the RFQ form in the email is not an official government form, nor is the signature block legitimate.

DLA’s notice about this matter can be seen here: Vendor Phishing Notice -DLA – 8 June 2018.  The notice shows copies of the bogus emails.

Bottom line: Vendors should always remain vigilant about suspicious emails, and be cautious about opening email attachments.  Questions or comments can be directed to DLA at CERTFusionCell@dla.mil.

In addition, if you ever have a question about the legitimacy of any emails having to do government contracting opportunities, especially those which solicit a fee, please feel free to contact the Georgia Tech Procurement Assistance Center (GTPAC) for advice.  GTPAC can be emailed at gtpacatl@innovate.gatech.edu.

To read previous articles about scams involving government contracting, visit http://gtpac.org/?s=scam

How to recognize and avoid grant scams

By

If an individual contacts you about an opportunity to obtain free money in the form of a grant from the federal government, be extremely wary.  You are likely being targeted as part of a scam.  Any of the following statements should put you on high alert:

Great news! You are eligible to receive a government grant.

Fact: The government does not contact individuals to award grants for which there has been no application. An individual who makes this claim is not from the government and could be trying to collect private personal data from you, such as your Social Security number, bank account number or other such information.

For a small fee, you can obtain a government grant.

Fact: The government does not charge a fee for individuals or entities applying for a federal grant. While financial information may be required as part of the application process, it should be submitted through a government website, such as Grants.gov, and there should never be a cost to you.

The Federal Bureau of Grant Awards has awarded you a $8,000 grant.

Fact: Beware of individuals claiming to work for grants-related government bureaus and departments that do not actually exist. The individual may even provide a valid address for a government office, adding a touch of realism to their claim, but do not be fooled.

Our office is located in Washington, D.C.

Fact: Current technology can fool caller ID systems into reporting that a caller is phoning from Washington, D.C. In fact, a scam artist could be calling from anywhere in the world. Similar tactics can be used with email addresses in online communication, so be alert!

This type of federal grant does not require an application.

Fact: Every grant from the federal government involves an application submitted through a government website, such as Grants.gov. Also, you cannot apply for federal grants over the phone or via email. Any individual claiming that a grant does not require an application, or requires only a phone call or an email, is attempting to scam you.

You won the government grant in a drawing.

Fact: The government does not award grants based on a drawing or raffle; an individual or entity must first apply for the grant through a federal website, like Grants.gov. Any individual who claims the government is awarding a grant, for example, to a lucky group of citizens who have paid their taxes on time is attempting to scam you.

You have been awarded a federal grant that you can spend any way you like.

Fact: Federal grants are usually awarded for specific programs, research or projects – most often to local governments, organizations, institutions and universities. Beware of any individual who promises a government award that can be spent on paying down tuition or credit card debt, or home electronics and décor.

Source: https://www.grants.gov/web/grants/learn-grants/grant-fraud/grant-related-scams.html

2 San Diego contractors sentenced in DoD scam

By

Two San Diego defense contractors were each sentenced Thursday to 15 months in custody for conspiring to commit wire fraud and file false claims, and making false statements on their federal income tax returns.

Jeffrey Harrington, 55, and Michael Mayer, 63, admitted to fraudulently obtaining money from the U.S. government by making false claims to the Department of Defense for payment on items that the defendants knew had not been sold to the Navy, but which had been substituted with other, unauthorized products.

As part of the sentence, three of the companies owned by Harrington and Mayer — San Diego-based Veteran Logistics, Industrial Xchange and Boston Laser Technology — were ordered to forfeit over $1.4 million and pay a $1 million fine for their roles in the offenses, according to the U.S. Attorney’s Office.

Keep reading this article at: https://timesofsandiego.com/crime/2017/12/14/2-san-diego-contractors-sentenced-in-department-of-defense-scam/

Beware of bogus emails supposedly from state contracting offices — and other scams

By

We’ve written about this before, and it’s time to repeat our advice:

Watch out for government contract-related scams!

Counselors from the Georgia Tech Procurement Assistance Center (GTPAC) hear from business people every week who tell us about schemes designed to take their money in return for little or nothing of value in their pursuit of government contracts.

One of the latest examples we received actually came from the purchasing office of the State of Oregon warning us to ignore a bogus email that invites vendors to update their contact information in order to receive details on upcoming contract opportunities.  By clicking on the link, vendors would actually be uploading data about their company — such as bank routing information — which would be used for exploitation.

To see our earlier warnings, read these stories:

Georgia Tech purchasing office issues fraud alert, GTPAC warns of other fraud

Bipartisan Senate bill introduced to protect small businesses from contracting fraud

FTC wants to help small businesses spot cyber scams

Beware of Affordable Care Act phishing campaign

Owner of fraudulent Florida FEMA registration firm faces 20 years

FTC wants to help small businesses spot cyber scams

By

If you’re a small business owner receiving Facebook messages about a business grant you’ve won, you might be the target of a cyber scam—and the Federal Trade Commission wants to make sure you don’t fall victim.

FTC this week launched a new site designed to help small businesses protect themselves from cyberattack. They’re often easy targets, especially because they don’t have the financial resources larger organizations do to constantly monitor their networks, according to FTC.

The Facebook scam, in which criminals posed as a recipient’s friend to collect cellphone numbers, is just one example; the percentage of spear-phishing attempts directed at small businesses rose from 18 percent in 2011 to 43 percent in 2015, according to Symantec’s threat report.

Keep reading this article at: http://www.nextgov.com/cybersecurity/2017/05/ftc-wants-help-small-businesses-spot-cyber-scams/137734/

Fraud alert: HHS OIG hotline telephone number used in scam

By

The U.S. Department of Health and Human Services (HHS) Office of Inspector General (OIG) recently confirmed that the HHS OIG Hotline telephone number is being used as part of a telephone spoofing scam targeting individuals throughout the country.

These scammers represent themselves as HHS OIG Hotline employees and can alter the appearance of the caller ID to make it seem as if the call is coming from the HHS OIG Hotline 1-800-HHS-TIPS (1-800-447-8477). The perpetrator may use various tactics to obtain or verify the victim’s personal information, which can then be used to steal money from an individual’s bank account or for other fraudulent activity.

It is important to know that HHS OIG will not use the HHS OIG Hotline telephone number to make outgoing calls and individuals should not answer calls from 1-800-HHS-TIPS (1-800-447-8477).

HHS OIG encourages the public to remain vigilant, protect their personal information, and guard against providing personal information during calls that purport to be from the HHS OIG Hotline telephone number.

The OIG’s office also reminds the public that it is still safe to call into the HHS OIG Hotline to report fraud.  The OIG particularly encourages those who believe they may have been a victim of the telephone spoofing scam to report that information through the HHS OIG Hotline 1-800-HHS-TIPS (1-800-447-8477) or spoof@oig.hhs.gov. Individuals may also file a complaint with the Federal Trade Commission 1-877-FTC-HELP (1-877-382-4357).

 

Source: https://oig.hhs.gov/fraud/consumer-alerts/alerts/phone-scam.asp

Beware of scams involving FEMA’s response to Hurricane Matthew

By

Hurricane Matthew is being used as a platform to circulate false information to government contractors and other vendors.

femaWe want to make sure that you are aware of this situation so no one takes advantage of you, especially at a time when so many people are vulnerable to the storm hitting Florida, Georgia and South Carolina.

Please be on alert to the possibility of phone calls and emails which encourage you to register in a database that will give your company “priority vendor” status by “emergency managers” (implied to be FEMA officials) so that you can be given the “opportunity to help your community for disaster relief efforts and make profits at the same time.”  The services offered in these solicitations carry a price tag ranging between $195 and $1,200 for a variety of services, including a “priority listing.”

Please be advised that FEMA does NOT have a “priority vendor” program. 

FEMA does maintain a legitimate web site for vendors who wish to voluntarily provide supplemental information on the kinds of services they would like to furnish to FEMA, and there is no fee to use it.  That web site is at: https://www.fema.gov/media-library/assets/documents/29748.

FEMA states: “Submission of the vendor profile form does not place you on a preferred list of vendors to be considered for procurements.  FEMA does not maintain such a list. The form is used to assist in secondary market research and is voluntary.  FEMA does not charge any company a basic registration fee.  There are companies that replicate services of Federal Government entities and there are typically fees associated with their services.  Most Federal Government services, if not all, are free of charge.  Always make it a practice to reach out to the appropriate Federal agency first to inquire about the validity of the service, specifically if a fee is associated with it.”

Please feel free to consult with any GTPAC counselor whenever you are in doubt about the legitimacy of any government contract-related offer.  In fact, we would appreciate it if you would share questionable solicitations with us.

Fraud alert: Beware of unsolicited purchase orders and other possible government scams

By

What would you do if you responded to a request for quotation, received an order, and shipped products — only to later discover that the entire transaction was fake?

This is what happened recently to a businesswoman who reported to the Georgia Tech Procurement Assistance Center (GTPAC) that she received purchase orders from two out-of-state public universities, one located in Mississippi and the other in Minnesota.  She responded by shipping goods, and sent along her invoice.

It turns out that the purchase orders were bogus.  This small business now finds that it will not receive payment and may not be able to recover the equipment that was shipped.

What are some of the lessons you can learn from this unfortunate experience?   Here are six tips:

  1. An unsolicited order from a governmental entity (e.g., agency, city, county, school) is a virtual impossibility.  If you didn’t submit a bid, chances are you won’t receive a purchase order.
  2. When you receive a purchase order, make sure it identifies the government official placing the order and is signed.
  3. Never assume that any purchase order is valid.  Call the point-of-contact (POC) listed on the order to make sure it is legitimate.  Be alert to the possibility that the phone number on the order might be bogus too.Fraud Waste Abuse
  4. Even if the order appears to be legitimate, conduct an Internet search for the purchasing office of the government buyer to see if the location and contact information line-up with what’s on the purchase order. If the contact phone numbers are different on the order and on the web site, call the buyer to inquire about the order — and be sure to call the buyer at the phone number listed on the government entity’s website.
  5. Also pay attention to the “ship to” location.  If it looks suspicious (i.e., it’s a location other than the government entity’s location), ask the buyer why it’s different.
  6. If, after checking, you suspect the purchase order to be fake, report the incident to the real government organization as well as to appropriate law enforcement authorities.

In the case brought to GTPAC’s attention, the business has reported the incidents to the purchasing offices of both universities.  She furnished them with copies of the documents she received — orders that are on official letterhead and appear to be legitimate.  She also reported the incidents to local law enforcement authorities who are investigating the locations where the equipment was shipped.

GTPAC recommends that all businesses stay alert to possible fraud in the government contracting process and in other government functions.  Here are some tips:

Remember the old saying, “If something looks too good to be true, it probably is.”   Whenever you receive a call, letter, fax or email about something involving government contracting — and it looks fishy — feel free to contact your team at GTPAC.  We’ll be glad to give you any facts we are aware of, along with suggestions about how you might best proceed.

 

 

 

FBI warns of online scams posing as government services websites

By

From May 2012 to March 2015, the FBI’s Internet Crime Complaint Center (IC3) has received complaints regarding criminals hosting fraudulent government services websites in order to acquire Personally Identifiable Information (PII) and to collect fraudulent fees from consumers.

FBIAlthough the volume and loss amounts associated with these websites are minimal to date, the victims are having their PII data compromised which may be used by criminals for any number of other illicit activities, ranging from the creation of fraudulent IDs and passports to fraudulent loans and tax refunds. The PII can include the victim’s name, address, phone number, e-mail address, social security number, date of birth, and mother’s maiden name.

This is how the scheme usually happens: victims use a search engine to search for government services such as obtaining an Employer Identification Number (EIN) or replacement social security card. The fraudulent criminal websites are the first to appear in search results, prompting the victims to click on the fraudulent government services website. The victim completes the required fraudulently posted forms for the government service they need. The victim submits the form online, believing they are providing their PII to government agencies such as the Internal Revenue Service, Social Security Administration, or similar agency based on the service they need. Once the forms are completed and submitted, the fraudulent website usually requires a fee to complete the service requested. The fees typically range from $29 to $199 based on the government service requested. Once the fees are paid the victim is notified they need to send their birth certificate, driver’s license, employee badge, or other personal items to a specified address. The victim is then told to wait a few days to several weeks for processing. By the time the victim realizes it is a scam, they may have had extra charges billed to their credit/debit card, had a third-party designee added to their EIN card, and never received the service(s) or documents requested. Additionally, all of their PII data has been compromised by the criminals running the websites and can be used for any number of illicit purposes. The potential harm gets worse for those who send their birth certificate or other government-issued identification to the perpetrator.

Follow-up calls or e-mails to the perpetrator(s) are normally ignored and many victims report the customer service telephone numbers provided are out of service. The FBI recommends that consumers ensure they are communicating or requesting services/merchandise from a legitimate source by verifying the entity. When dealing with government websites, look for the .gov domain instead of a .com domain (e.g. www.ssa.gov and not www.ssa.com).

Below are some consumer tips when using government services or contacting agencies online:

  • Use search engines or other websites to research the advertised services or person/company you plan to deal with.
  • Search the Internet for any negative feedback or reviews on the government services company, their Web site, their e-mail addresses, telephone numbers, or other searchable identifiers.
  • Research the company policies before completing a transaction.
  • Be cautious when surfing the Internet or responding to advertisements and special offers.
  • Be cautious when dealing with persons/companies from outside the country.
  • Maintain records for all online transactions.

As a consumer, if you suspect you are a victim of an Internet-related crime, you may file a complaint with the FBI’s Internet Crime Complaint Center at www.IC3.gov.

Source: http://www.ic3.gov/media/2015/150407-2.aspx

In doubt? Check with GTPAC!

By

Your team at the Georgia Tech Procurement Assistance Center (GTPAC) stands ready to offer you advice about any aspect of government contracting — especially when you have any doubt about the legitimacy of a contract-related service or solicitation.

We’ve published many articles before about government contracting scams (click here to see previous articles), and once again we want to bring another one to your attention.

Just a few days ago, a GTPAC client contacted one of our Counselors and asked about the legitimacy of a request for a quotation he received, supposedly from the Dept. of Defense (DoD).  Once we examined the email and the attachment that our client sent us, we told him to run — not walk — away from it!

Here Are the Details

The email was purportedly from a DoD official soliciting a quote for some laptops and computer drives.

We examined the email and its attachment, including the following:

  • We called the phone number in the email which was answered by a person who didn’t identify himself.  When we asked questions, he said that he’d have the person identified in the email call us back with details.  No one called back.
  • We checked the identity of the person who supposedly sent the email.  The email’s Quote form identified him as Deputy Director for Procurement at AT&L.   We determined that, in reality, he is DoD’s Deputy Director for Earned Value Management.  AT&L (Acquisition, Technology and Logistics) is a unit within DoD that no longer exists; it’s been reorganized into two groups: research and engineering (R&E) and acquisition and sustainment (A&S).  (See details of that reorganization by clicking here.)
  • We also identified the DoD official’s real email address and his actual phone number; they were not the email address or phone number shown in the email and on the Quote form that was sent to our client.
  • We noted that the federal solicitation number shown on the Quote form was not in the correct format, and the Quote form itself was not a form we have ever seen before.
  • The wording of the email was sloppy and unprofessionally prepared.

Based on the above, we advised our client to not respond because we believe this is a probable scam which will lead to an order to ship the products to a bogus shipping address, for which payment will never be received.  We also alerted the appropriate DoD officials of this probable scam.

What You Should Do

It’s as simple as 1-2-3.

  1. Stay alert to possible scams involving government contracting.  There are many scams in circulation literally every day.
  2. Don’t let the temptation of landing a sale overtake your common sense.  If it looks like easy money, it’s probably bogus.
  3. Whenever you are in doubt, contact GTPAC for advice.  We’ll be happy to check things out for you and provide you with our opinion.  It’s as simple as forwarding anything suspicious to us at: gtpacatl@innovate.gatech.edu.

Remember, the GTPAC team is here to help you succeed in the government marketplace!

P.S.:  If your business is located outside the state of Georgia, you can find a procurement technical assistance center (PTAC) by clicking here.

 

Contracting News

Read More

Contracting Tips

Read More

GTPAC News

Read More

Georgia Tech News

Read More