Gardai are advising that last year (2020), approximately €10.5 million was stolen in invoice redirect fraud.

That’s where fraudsters send an email to a business purporting to be from a supplier, requesting the immediate payment of an invoice or transfer of funds.

Fraudsters may spoof an email address, send ‘spear phishing’ emails or use malware to get the data. They could also take over a business’ email account therefore fraudulent emails are being sent from the real business. Data is also stolen in large data breaches.

Victims of invoice redirect fraud range from very small businesses to large corporations.

The Advice from the Garda National Economic Crime Bureau (GNECB) is:

· Ensure all staff take great care and attention each time they are asked to change bank account details.

· Verify email address is spelt correctly

· Where a business becomes aware that such a crime has occurred they should ask their bank immediately to do a recall on the money and then report the matter to Gardaí

· At the moment many people are working from home and some are performing roles, they don’t usually do. · It is imperative that where staff are using private computers / laptop for work purposes that the antivirus software is kept up to date.

In many instances the business does not know it is a victim of this crime until sometime later when the legitimate supplier sends a reminder invoice for payment.