This could be a very expensive scam to fall for, so keep on reading.
Earlier this year there were reports in the press about a wave of purchase order scams targeting university suppliers. But recently, scammers have expanded their scheme by targeting industrial construction contractors and their suppliers. Scammers use social engineering, fake emails, fake PO's, and fake shipping addresses to get shipments sent to them without payment.
This is a numbers game and can easily be expanded to your industry as well, so send this alert to the managers that are in charge of your sales, purchasing and shipping departments.
In the most recent version of this scam, an industrial and commercial construction company in Garden Grove, California, KGM, Inc was used to generate fake PO requests for various supplies. Using email as the primary method of communication, or in some cases a phone, the scammers will attempt to get a quote for products from a given vendor. Once the quote is delivered, the scammers will either develop a PO, or forge an existing one, and have the vendor ship the products on Net 30-terms. Otherwise, they'll use a credit card (stolen) to pay for the items directly.
You need to do some sort of pattern recognition, and/or be "context-aware" (see article below) and "vet" orders that seem out of the ordinary before they get shipped. Full Article at CSO: