Businesses warned to be cautious after Kerry firm stung for €8k in email scam

A man in his 20s has been arrested after the firm paid over  €8,000 before they realised it was a scam.  
Businesses warned to be cautious after Kerry firm stung for €8k in email scam
Gardaí have warned businesses to be wary of potential email scams. File picture.

A man in his 20s has been arrested after the firm paid over  €8,000 before realising they had been conned, gardaí said.

The fraud began in mid-2019 when an organisation received an email from an address claiming to be a company with whom they do regular business, gardaí said. It requested payment of an outstanding invoice be directed to a new account. A file has been sent to the DPP in relation to the case.

It is the latest incidence of this type of scam, which more and more businesses find themselves falling prey to. Last week, gardaí attached to the Garda National Economic Crime Bureau (GNECB), after ongoing joint investigations with Europol and Eurojust, pinned down an incident of invoice fraud where funds were being transferred internationally.

The organised crime gang attached to that particular investigation has laundered over €3.5m through a network of bank accounts set up by Italian nationals, Romanian nationals and other nationalities, gardaí said.

Two men were arrested in Dublin and investigations are ongoing. One of the men was charged.

Cybersecurity frim warns of an increase in invoice redirection fraud 

Cork-based international cybersecurity firm Smarttech247 warned that the Covid-19 pandemic has exacerbated the invoice redirection scam.

Smarttech24's Raluca Saceanu said: "We have seen an increase in invoice redirection fraud in the past three months, which has been ramping up due to Covid 19."

 

In cybersecurity, we classify this under vendor email compromise [Vec]. It is one of the biggest risks of 2020 because it is quite a lucrative business for cyber criminals.

Generally, a successfully executed Vec attack will result in payments of, on average, €125,000, she said. Changing passwords regularly and not using the same password for multiple accounts were some measures to be taken to bolster defences against invoice redirection, she said.

Crime prevention officer for the Garda Kerry Division, Sergeant Jim Foley, said every business, big or small, should treat a request to change bank account details with extreme caution. 

He said: "If you receive an email requesting payment to a different account, it may look genuine. However, you should always pick up the phone to your supplier or vendor to verbally confirm the request details. Also remember to ring a number you know to be from the company, do not ring the number stated in the email request."

More in this section

Select your favourite newsletters and get the best of Irish Examiner delivered to your inbox