Arrests after companies ‘tricked’ into sending criminals €500,000

Gardaí investigating invoice redirect frauds that targetted Spanish and Irish firms

Gardaí have arrested suspects for two separate and unrelated frauds in which criminals based in Ireland tricked two companies into sending them €500,000.

Gardaí have arrested suspects for two separate and unrelated frauds in which criminals based in Ireland tricked two companies into sending them €500,000.

 

Gardaí have arrested suspects in relation to two separate and unrelated frauds in which criminals based in Ireland tricked two companies into sending them a total of €500,000.

The Irish Times understands in one case a company was defrauded of €300,000, and in the other case it was €200,000.

One of the companies is Spanish but gardaí believe the criminals who defrauded that firm are based in the State. In the second case, the company was Irish.

At least three people are being questioned after being arrested in relation to the crimes, which are almost identical but were carried out by two groups of criminals working independently.

Both cases are invoice redirect frauds. They involve criminals posing as a commercial entity that normally has dealings with the company they intend to target.

They send emails claiming their account details have been changed, often using very sophisticated mock email addresses and logos from the entity they are posing as.

The criminals involved created online identities made to look like companies or commercial entities that normally do business with the firms they intend to target.

In this case they sent emails to the companies informing them that they had changed their banking details. They advised that any monies owed in the future should be paid into their new bank account, the details of which they supplied.

When invoices were later sent for payment, the targeted companies lodged the money into the fraudsters’ account.

Typically, once the payments are lodged, they are very quickly transferred to other accounts outside the jurisdiction.

This is done before the commercial entity targeted realises the invoice it believed it had paid has not been settled, and the funds have instead been transferred to other accounts, run by the fraudsters.

More to follow...