Gardaí alert firms to sharp rise in use of bogus invoicing

Over €4m defrauded from firms since start of year in increasingly sophisticated deception

Top gardaí say the problem is worsening, with €2.7m stolen in April alone. File photograph: Getty

Top gardaí say the problem is worsening, with €2.7m stolen in April alone. File photograph: Getty

 

There has been a dramatic increase in cash being stolen from people and businesses by criminals using sham invoices in recent months, with €4.4 million stolen since the start of the year, the Garda has warned.

Senior Garda officers say the problem is worsening, with €2.7 million stolen in April alone and 132 invoice redirection frauds reported to the Garda since the start of the year. Some of the recent thefts targeting Irish businesses and individuals have been valued at almost €1 million.

“If this continues the way it is, people will lose jobs or companies will not be able to continue trading,” said Chief Supt Pat Lordan of the Garda National Economic Crime Bureau. And he also warned of so-called chief executive fraud, where the identities of company chief executives are cloned online and a person posing as the chief executive seeks a bank deposit or even their own salary payments be made to a new bank account. Gardaí said senior executives are being watched on social media by gang members and when they are on holidays, for example, people posing as them online send emails to their businesses requesting the payment of a sum of money into the chief executive’s bank account.

How is fraud perpetrated?

While chief executive fraud is being reported to gardaí, invoice-redirect fraud is much more common and gardaí are concerned about it. The deceptions involve criminals posing as a commercial entity that normally has dealings with the company they intend to target. They send emails claiming their account details have been changed, often using sophisticated mock email addresses and logos from the entity they are impersonating.

The criminals create online identities resembling companies or commercial entities that transact with target firms.

In one case they sent emails to companies informing them that they had changed their banking details. They advised that any monies owed in the future should be paid into this new bank account, the details of which were supplied. When invoices were later sent for payment, the targeted companies lodged the money into the fraudsters’ account.

Typically, once the payments are lodged they are transferred to other accounts outside the jurisdiction. This is done before the commercial entity targeted realises the invoice it believed paid has not been settled and the funds have instead been transferred to other accounts, run by the fraudsters.