How it all began
In March of this year, Joris Snelten thought he'd won a valuable new client. He'd been negotiating by phone and e-mail with representatives of Simply Market, a leading French supermarket chain. The names used by his contacts were the names of real Simply Market personnel. Snelten was able to look them up on the company website and check out their LinkedIn profiles. The correspondence even quoted real VAT and tax details.
Reassuring company image
"When we asked for advance payment, as we always do, they said that companies of their stature didn't operate that way," Snelten told RTL Z. "It was all in their terms and conditions, they pointed out." Reassured by Simply Market's size and reputation, Delta eventually agreed to settlement in arrears. The wine was delivered, but the invoice wasn't paid on time. And, when Delta called to ask for payment, 'Simply Market' stopped answering the phone. Snelten soon realised that he wasn't going to get an answer. His company had arranged export insurance for the consignment, but fraud wasn't one of the risks that the policy covered.
Almost identical domain name
The crooks responsible for the fraud had been very professional. A lengthy chain of e-mail correspondence was backed up by telephone conversations. And the e-mail addresses they used barely differed from real addresses. It was only later that Delta learnt that genuine Simply Market addresses have the .fr extension, while the fraudsters used .com. In other words, it was a 'typosquatting' scam: using a domain name that's so similar to a well-known domain name that many people don't notice the difference. However, there was a lot more to the fraud than the domain name. For example, it was clear from the phone calls that the crooks were fluent French-speakers. They'd done everything possible to make themselves believable.
Could the fraud have been prevented?
More and more companies are falling victim to identity fraud. But are the crimes preventable? "Possibly, yes," says Pim Pastoors, DBS Product Manager at SIDN. "It's always best to check a sender's e-mail address. Does it contain the real organisation's name, spelled the right way? Does it have the right national extension at the end? Compare it with the domain name used in the real company's corporate communications. If in doubt, call the company on a number you haven't got from the e-mail to make sure the correspondence is genuine."
Snelten and his company Delta Wines weren't the only victims of the crime. Simply Market's brand identity and (on-line) reputation took a hit as well. "Simply Market probably could have prevented the fraud by monitoring their domain name," says Pastoors. "One of the best monitoring tools available is our Domain Name Surveillance Service. It's a system that flags up the registration of any domain name similar to yours. Built-in risk profiling and indicative classification make it quick and easy to decide whether a registration is a potential threat. The service has to make sense for any company with a strong brand identity. Because prevention is always better than cure."