Fraudsters target businesses that work with foreign suppliers or businesses that regularly transfer funds online.
They use what is known as “social engineering” and “computer intrusion” techniques e.g. a worm to compromise real business email accounts and then create unauthorised transfers of funds out of the business bank accounts.
The fraudster emails a phishing document to the intended victim via the address of a legitimate supplier and asks the victim to change the electronic funds transfer detail in relation to the payment of an invoice. This request tricks the victim into clicking a malicious link that downloads malware onto the victim’s computer and allows the fraudster to gain unrestricted access to personally identifiable information, including bank account details and passwords. The fraudster uses this data to authorise electronic payments from the victim’s bank account.
Similar cases involve the fraudster using a slightly varied version of an email address of your supplier to change the destination of the electronic funds transfer to the fraudster’s bank account.
We are happy to help. Please post your comment below or call Paul Leonard, Partner at Cooney Carey, on 01 677 9000. Alternatively, send him an email: firstname.lastname@example.org