Invoice redirect Business Email Compromise (BEC) fraud

An Garda Síochána would like to advise all business owners about invoice redirect / business email compromise (BEC) fraud.

  • In 2020, approximately €10.5 million was stolen in this type of fraud.
  • In most of these cases the money was transferred abroad.
  • Proceeds of these crimes can be laundered through accounts in Ireland.

Invoice redirect fraud, or business email compromise (BEC) fraud, is where fraudsters send an email to a business, purporting to be from a supplier etc., saying that the supplier's bank account number has changed and asking for the money to be sent to a new account. They supply the IBAN and BIC of the new account.

Fraudsters may spoof an email address, send ‘spear phishing’ emails or use malware to get the data. They could also take over a business’s email account, so that the fraudulent emails are sent from the real business. Data is also stolen in large data breaches.

Victims of invoice redirect fraud range from very small businesses to large corporations.

The consequences of falling for a scam of this nature can be catastrophic for any business and can result in the closure of businesses and redundancies. All relevant employees should receive training in relation to avoiding this type of scam.

The advice from the Garda National Economic Crime Bureau (GNECB) is:

  • Ensure staff take great care and attention each time they are asked to change bank account details. Check the IBAN: what country is it in? IBANs can be checked by doing a very quick Google search. Check the URL and the spelling.
  • A phone call should be made to a representative of the company to confirm that the bank account has changed, and care needs to be taken to ensure that staff are talking to a representative of the company and not the fraudster. Under no circumstances should contact details contained in the email or attachments be relied upon to verify the request, whether these consist of a physical address, an email address or a phone number.
  • Businesses must ensure that they have robust policies and procedures in place to deal with requests of this nature, including escalating the decision-making function to supervisory positions and making direct contact with a trusted, known person in the supplier’s organisation.
  • All existing business relationships should be reviewed without delay and defensive policies and procedures put in place.
  • Where a business becomes aware that such a crime has occurred, it should immediately ask its bank to do a recall on the money and then report the matter to Gardaí.
  • At the moment many people are working from home and some are performing roles they don’t usually do. They are also working from a more safe and secure environment and could be minding children at the same time. This could mean that they are not as wary as they would be in a work environment, and they do not have colleagues close by to confer with.
  • It is also imperative that, where staff are using private computers / laptops for work purposes from their homes, the antivirus software is kept up to date.

In many instances the business does not know it is a victim of this crime until some time later, when the legitimate supplier sends a reminder invoice for payment.
