Get all your news in one place.
100’s of premium titles.
One app.
Start reading
Dublin Live
Dublin Live
National
Aakanksha Surve

Scammers steal nearly €6 million from Irish companies as gardai issue warning

Gardai have issued a stark warning over an email scam that saw nearly €6 million stolen from companies in Ireland last year.

Invoice-redirect fraud, also known as business email compromise fraud, involves scammers impersonating a supplier and asking a business or an individual to send money to a new bank account claiming they've changed banks.

They provide a new IBAN and BIC code for this new account and often the target does not know that they have been a victim of a crime until later when the legitimate supplier sends a reminder for invoice payment.

Read more: WhatsApp scammers using devious trick to steal money from worried parents

Scammers might send an email with a spoof email address, a "spear-phishing" email (an email that looks like it’s from a trusted source), or use malware to take over a legitimate business email account and send an email from that.

The stolen money is then transferred abroad and in some cases, data is also stolen.

The proceeds of this crime are being laundered through bank accounts in Ireland.

Thankfully, 2021 saw a massive reduction of up to 50% in this type of scam compared to the previous year but nearly €6 million was still stolen as part of the fraud.

Last year, gardai recovered €26,000 for a Canadian business that had over €29,000 stolen from fraudsters after officers were successful in freezing the accounts in Ireland.

Additionally, a suspect was arrested after stealing €177,000. In this case, the fraudster took over a legitimate Solicitor’s email and secured clients funds, which the Solicitor was handling for the purchase of a house.

The Garda National Economic Crime Bureau (GNECB) successfully recovered all but €3,000.

Also in 2020 and due to early reporting to Gardaí, GNECB recovered €2 million from an account in Hong Kong – the entire amount stolen.

Here is how you can protect yourself from invoice-redirect fraud:

• Always be suspicious when asked to send money to a new bank account – delay the transfer while you phone the company to double-check if the bank account has changed (and ensure you’re not dealing with a fraudster)
• Any time you are asked to change bank account details on a system, check the location of the IBAN (via a Google search), check the URL and the spelling
• If employees are using personal computers/laptops to work from their homes, it is imperative their antivirus software is kept up to date.
• Businesses should have robust policies and procedures in place to deal with payment requests of this nature (e.g., multiple decision-makers to approve payment or a step to contact a trusted person at the supplier to verify the request. They should also review all existing business relationships regularly and put defensive policies and procedures in place
• Remember, if caught out, ask your bank to do a recall ASAP then report the fraud to gardai.

Read more: Businesses must be vigilant as risk of cyber attacks rises amid Ukraine crisis

Read more: ‘Bird poo scam’ warning for Irish tourists travelling to Spain

Sign up to the Dublin Live Newsletter to get all the latest Dublin news straight to your inbox.

Sign up to read this article
Read news from 100’s of titles, curated specifically for you.
Already a member? Sign in here
Related Stories
Top stories on inkl right now
One subscription that gives you access to news from hundreds of sites
Already a member? Sign in here
Our Picks
Fourteen days free
Download the app
One app. One membership.
100+ trusted global sources.