Procurement fraud notice
A new procurement scam has come to our attention and we are taking action to stop the activity.
CH2M has been made aware of an email phishing scam using fake CH2M email addresses for non-existent CH2M employees. The email alleges that the sender is a subcontracts program manager at CH2M, however this person is not a CH2M employee. The email is a phishing scam in which the sender is attempting to defraud companies under the pretense the company will win business from a U.S. government agency. A sample of the email message is below. CH2M has reported the matter to the FBI.
The email phishing scam is coming from a domain in Colombia, South America, with the domain address ch2mhill.co. Please be aware that all official CH2M email communications are sent with a ch2m.com email address and a legitimate email from a CH2M employee will include the employee's direct contact information. In these emails the email addresses will include invalid addresses at ch2m.com and the actual return address with a ch2mhill.co domain. For example:
From: Greg Watson <firstname.lastname@example.org>, Carol Saunders <email@example.com>, Raj Sheik <firstname.lastname@example.org>, Jacob Vigil <email@example.com>, [mailto:firstname.lastname@example.org]
CH2M does not recommend communicating with the email sender in any way. Instead, please contact the agencies below to report the fraudulent activity. If at all possible, provide the original email with your report.
- Federal Bureau of Investigation (FBI): www.FBI.COM
- United States Computer Emergency Readiness Team Phish Reporting: email@example.com
- Federal Trade Commission Scams & Rip-offs Reporting: firstname.lastname@example.org
- Anti-Phishing Working Group Phish Reporting: email@example.com
We value our professional relationships with our clients, employees, business partners and suppliers. If you believe you have received a fraudulent procurement request or any other related communication, please contact us.
Below is an example of the email phishing scam. The email may appear to come from a sender named “Greg Watson”, “Carol Saunders”, “Raj Sheik” or “Jacob Vigil”. Please note that the message could differ from this sample, such as referencing a different government agency (Navy, Army, VA, etc).
My name is Greg Watson, and I'm a subcontract manager. My company is working on a project currently deemed classified (though, that will probably change somewhat as it progresses) with the VA. There is a portion of the project that we were looking to sub out to a small business, and looking at our Ariba Network (and a few Google searches), I came across your company. I personally believe you would be an exceptional candidate based on your website, but it's not entirely up to me, obviously. I need to present my choice to the powers that be, and other people will be presenting their options (they might even choose you as well to present, but I can only answer for my own presentation). In order to give an optimal presentation on behalf of your firm, I was hoping to get something brief and easy to digest like a capabilities statement or company brochure. If possible, it'd be nice if the brochure made reference to any of the set-asides your company has. Please, do not just send a link to your website. I have already been there.
When sending, please hit "Reply All" to this email. There are firewalls up, and if you hit "Reply All" you're more likely to get through the security filters (especially with attachments and with a few people from different locations on the thread). Also, keep in mind, I'm not really interested in having a lengthy call or anything. I have already chosen your firm. I just need to convince the other people. Please do not take offense; I just do not have the time for it. Also, please, note it will take a little bit of time to present your company to the decision makers, so it might take me a couple days to get back to you. Please, give me at least a week before following back up with me.