Our website uses cookies to enhance your browsing experience and to collect information about how you use this site to improve our service to you. By not accepting cookies some elements of the site, such as video, will not work. Please visit our Cookie Policy page for more information on how we use cookies.

Fraud Week - Invoice Redirect / Business Email Compromise (BEC) Fraud - 10th March, 2021

Issue Date: 10/03/2021

· In 2020, approximately €10.5 million was stolen in this type of fraud

· In most of these cases the money was transferred abroad.

· Proceeds of these crimes can be laundered through accounts in Ireland

Invoice redirect fraud or business email compromise (BEC) fraud is where the fraudsters sends an email to a business purporting to be from a supplier etc. requesting the immediate payment of an invoice or transfer of funds.

Fraudsters may spoof an email address, send ‘spear phishing’ emails or use malware to get the data. They could also take over a business’ email account therefore fraudulent emails are being sent from the real business. Data is also stolen in large data breaches.

Victims of invoice redirect fraud range from very small businesses to large corporations.

The consequences of falling for a scam of this nature can be catastrophic for any business and can result in the closure of businesses and redundancies.  All relevant employees should receive training in relation to avoiding this type of scam.

The Advice from the Garda National Economic Crime Bureau (GNECB) is

· Ensure staff take great care and attention each time they are asked to change bank account details. Check the IBAN number – what country is it in. IBANs can be checked by doing a very quick google search. Check the URL and the spelling

· A phone call should be made to a representative of the company confirming that the bank account is changed and care needs to be taken to ensure that they are talking to a representative of the company and not the fraudster. Under no circumstances should contact details contained in the email or attachments be relied upon to verify the request whether these consist of a physical address, an email address or a phone number.

· Verify email address is spelt correctly

· Has the URL been changed from ".ie” to ".com”?

· Businesses must ensure that they have robust policies and procedures in place to deal with requests of this nature including escalating the decision making function to supervisory positions and making direct contact with a trusted known person in the supplier’s organisation.

· Where a business becomes aware that such a crime has occurred they should ask their bank immediately to do a recall on the money and then report the matter to Gardaí

· Segregation of duties  - Consider how your business issues and accepts payment instructions

· Use banking security systems e.g One Time Passcodes

· At the moment many people are working from home and some are performing roles, they don’t usually do. They are also working from a more safe and secure environment and could be minding children at the same time. This could mean that they are not as wary as they would be in a work environment and they do not have colleagues close by to confer with.

· It is also imperative that where staff are using private computers / laptop for work purposes from their homes that the antivirus software is kept up to date.

· If a business becomes a victim, all existing business relationships should be reviewed without delay and defensive policies and procedures put in place

In many instances the business does not know it is a victim of this crime until sometime later when the legitimate supplier sends a reminder invoice for payment.

Examples of Invoice Redirect / Business Email Fraud:

· A professional firm in Ireland who processed a payment of more than €600,000 for the purchase of a product. The funds left the firms bank account before they were redirected using a false / email request and were transferred into ‘money mule’ accounts in Ireland, The EU and Hong Kong.

Financial Intelligence Units (FIU) across these jurisdictions are working together, alongside Interpol Financial Crimes Department, to retrieve the proceeds of this crime. To date over €330,000 has been recovered.

· In January of this year, the Money Laundering Investigation UNIT (MLIU), were made aware of an Irish Businesses who transferred €137,800 to a financial institution in France. MLIU with assistance from the FIU in GNECB and French FIU recovered all funds which were returned to the victim.

· In February 2020, an Asian company received an expected invoice via email, from a legitimate company in The Netherlands as part on an ongoing business deal. However the Dutch company’s email had been compromised and the invoice subsequently proved to be false. The invoice provided details of an account held at an Irish Bank as the remittance bank for the payment transfer. The Irish FIU at GNECB alerted the Irish Bank and the account was frozen as a result. The account holder was subsequently arrested and is currently before the courts charged with Money Laundering offences.