A widespread new scam has appeared targeting the imaging and medical supply industry, posing significant risk to small and mid-sized companies. According to Sterling Peloso, CEO of Ultra Solutions, the Federal Bureau of Investigation told him the hoax has already succeeded with at least 185 businesses, resulting in losses in the millions to tens of millions of dollars.

Using fraudulent email addresses and purchase orders, individuals claiming to act on behalf of university research departments will arrange for shipment of medical equipment to a United States location. Upon delivery, the equipment is immediately reshipped to Africa, typically Nigeria.

Peloso says a person first contacted his company in December 2013 using a @unlvedu.com email address and claiming to represent the R&D department at the University of Nevada, Las Vegas (UNLV).

The contact expressed interest in several products on the company’s website. After requesting a quote, the group produced an electronic purchase order formatted on UNLV letterhead and listing an Indiana delivery address for an “off-site” UNLV R&D center. At that point, a routine credit check caught the fraud, and Peloso contacted the FBI. The group subsequently contacted Ultra Solutions two or three more times.

Scammers typically use an email address that at first glance appears to be from a legitimate .edu domain, such as [email protected] or [email protected]. Delivery locations also differ from the university’s actual physical location, and communication is typically conducted exclusively via email.

“They seem to target this industry because we tend to be fairly loose,” Peloso says. “If a hospital or university wants a quote, a lot of times we’ll take that at face value.”

Peloso says suppliers, particularly small businesses, should consider establishing screening policies to prevent theft. He stresses educating the sales force to ensure adequate vetting on the front end. At Ultra Solutions, new customers must complete a credit application, and any purchases over a given threshold (eg, $10,000) require a customer service coordinator to make contact with a live person at the client’s location.

“A lot of times smaller businesses take on more risk because they want the business,” Peloso says. He adds that those companies are also more likely to take a major financial hit in the event of fraud.

We’d like to put the call to our readers: have any of you been the victim, or attempted victim, of this medical equipment scam? Please share your experience and any tips in our comments section.

Jenny Lower is associate editor of 24×7.