Reddit NetSec

CVE Database V5

AlienVault OTX General

Exploit-DB RSS Feed

Reddit InfoSec News

ThreatFox MISP Feed

CIRCL OSINT Feed

AlienVault OTX Vulnerabilities

AlienVault OTX Malware

This intelligence analysis examines a widespread Request for Quote (RFQ) scam that exploits Net financing options to steal high-value electronics and goods. The scammers pose as procurement agents for legitimate companies, using stolen information and lookalike domains to appear credible. They request quotes for specific items and inquire about Net 15/30/45-day financing. Once credit is approved, they provide shipping addresses, often using freight forwarding services or residential addresses. The scammers utilize a network of shipping services, warehouses, and money mules to facilitate their operations. Key characteristics of the scam include urgent financing requests, suspicious delivery addresses, and the use of free email accounts. Mitigation efforts included domain takedowns and intercepting fraudulent shipments.

The NET RFQ scam is a sophisticated social engineering and business email compromise (BEC) campaign targeting companies that use Request for Quote (RFQ) processes combined with Net financing terms (Net 15/30/45 days). Attackers impersonate legitimate procurement agents by leveraging stolen corporate information and creating lookalike domains to appear credible. They initiate contact by requesting quotes for high-value electronics and other goods, often specifying urgent financing terms to pressure victims. Once the victim approves credit, the scammers provide shipping addresses that are often freight forwarding services or residential locations, enabling them to intercept or divert shipments. The operation is supported by a network of shipping services, warehouses, and money mules to facilitate the movement and monetization of stolen goods. Key indicators include urgent financing requests, suspicious delivery addresses, and the use of free email accounts rather than corporate emails. Mitigation efforts have included domain takedowns and interception of fraudulent shipments. The campaign exploits weaknesses in supply chain procurement processes and financial controls, combining social engineering with logistical fraud to steal physical goods rather than digital assets. This threat aligns with MITRE ATT&CK techniques such as business email compromise (T1566), supply chain compromise (T1583), domain spoofing (T1598), and use of freight forwarding (T1608). The campaign does not rely on software vulnerabilities but on procedural and human factors, making it a complex challenge for organizations relying on RFQ and Net payment terms.

Detailed information about NET RFQ: Request for Quote Scammers Casting Wide Net to Steal Real Goods. Get real-time updates, technical details, and mitigation st

Title	Severity	Type	Source	Date

Threats Tagged 'business email compromise'

Filter Threats

Threats Tagged 'business email compromise'

Keyboard Shortcuts

Navigation

Search & Filters

UI Controls

Accessibility