The Empty Boxes Scheme​

Would-be distributors are conned by an advance-fee scam into paying millions for nonexistent semiconductors.​

Comments Views

​A Nigerian man living in Canada has admitted to scamming more than a dozen individuals in the U.S. out of US$13 million between 2009 and 2013, the Arizona Republic reports. According to a plea deal, Alex Sualim said he recruited the individuals to act as distributors between a Chinese supplier, AEG Global Contracting Ltd., and a Canadian company, Agmine International Ltd. Agmine instructed the distributors that the boxes containing the silicon germanium-based semiconductors — a real material used in microchips — could only be opened under laboratory conditions, so they didn't open the boxes they received. The distributors were asked to send wire transfers to AEG via banks in Cyprus, Greece, and China, which escalated as the supplier repeatedly increased its minimum order level. Agmine turned out to be a fictional company, while the shipping invoices from AEG were forgeries. When some of the distributors became suspicious, they finally opened the boxes to find only packing materials. Sualim was arrested in 2013 following an investigation by the U.S. Federal Bureau of Investigation and the Internal Revenue Service.

Lessons Learned

This case exemplifies how the perpetration of fraud continues to evolve to become increasingly more sophisticated and encompass multitactic and international dimensions. At its root however, this is one form of advance-fee fraud — when fraudsters target victims to make advance or upfront payments for goods, services, and financial gains that do not materialize. There are many variations on this scheme, including West African letter or 419 fraud (419 refers to the section of the Nigerian criminal code dealing with advance-fee fraud); career opportunity scams; clairvoyant or psychic scams; check overpayment fraud; dating or romance scams; impersonation of officials; inheritance fraud; loan scams; lottery, prize drawing, and sweepstake scams; rental fraud; and work from home and business opportunity scams. There are even fraud recovery schemes. These common frauds create significant monetary losses not only for individuals but also for businesses and other organizations that fall victim to them.

Here are some guidelines on how organizations and internal auditors can detect and avoid advance-fee schemes:

  • Follow the saying, "If something seems too good to be true, then it probably is." Stick to common business practices. Never consider business being carried out on the street corner in cash as legitimate. Also, be aware that, as in this story, the apparent source, tone, grammar, and overall style of emails and other forms of communications may be as polished and professional as would be expected from a reputable, established company.
     
  • Be sure the organization knows with whom and what it is dealing. If the organization isn't familiar with the person, company, or product it plans to get involved with, it should learn more about them. Ask a lot of questions. Visit the company's location if possible, research the organization and its products, and consult with family, friends, an attorney, and experts such as at universities. For example, silicon germanium is potentially harmful to humans at certain stages of its production, so it might be credible that those particular stages should be controlled within a laboratory clean room. But instead of accepting a shipment of empty boxes, the victims in this case could have demanded that a sample of silicon germanium be sent for analysis to an independent laboratory they selected, with the subsequent report sent directly to them.
     
  • Get a contractual agreement in writing and signed by all parties. Also, money spent up front to pay an attorney to review complex business agreements can save an organization even more money in the long run. Consulting a knowledgeable attorney is especially important when the organization doesn't understand the terms of the business or the agreement completely.
     
  • Be skeptical of businesses that operate at a distance. Organizations and their internal auditors should be wary of businesses that can only be contacted by phone or email, or that operate out of post office boxes, mail drops, or without a street address. They also should be cautious of businesses that don't have a direct phone line, can't be reached, and must always return calls at a later date and time. In this story, the fact that victims were contacted by supposed officials of the Agmine and AEG companies, rather than by a single company contact, also was a potential red flag. Moreover, a legitimate company likely would need to be registered within a particular country for regulatory or taxation purposes, so a potential investor should verify whether that company has been registered. 

Additionally, organizations and their internal auditors should be cautious of business deals requiring upfront or unexpected increases in cash outlays. Also, they should avoid signing nondisclosure or noncircumvention agreements, which could prevent the organization from verifying the legitimacy of those with whom it is doing business. Scammers use these agreements as a threat to file civil suits against victims if they report their losses and business activity to law enforcement agencies.

Internal Auditor is pleased to provide you an opportunity to share your thoughts about the articles posted on this site. Some comments may be reprinted elsewhere, online or offline. We encourage lively, open discussion and only ask that you refrain from personal comments and remarks that are off topic. Internal Auditor reserves the right to remove comments.

 

 

Comment on this article

comments powered by Disqus
  • IIA AuditBoard_Nov 2019_Premium 1
  • IIA GAM_Nov 2019_Premium 2
  • IIA OnRisk_Nov_Premium 3