Accounts Payable Security Report: August 2021

Each month, the team at eftsure monitors the headlines for the latest Accounts Payable security news. We bring you all the essential learnings, so your Accounts Payable team can stay secure.

AFP Goes Global to Fight Scammers

Visit The Australian to find out more.

Perhaps the biggest challenge in the fight to stop Invoice Redirection and Business Email Compromise (BEC) attacks is the fact that most criminal syndicates behind the scams are based overseas. By the time a victim discovers they have been defrauded, the funds have moved through a variety of offshore bank accounts, making tracing virtually impossible.

In a bid to track down and stop the fraud, the Australian Federal Police (AFP) is going global. AFP officers will be deployed to Africa, Europe and the US to pursue previously out-of-reach scammers. Under the plan, officers will have the power to knock on doors, seize assets and arrest criminals.

The move will allow the police to inflict an “offshore punch” according to AFP Commissioner Reece Kershaw.

Officers will be based in countries close to cybercrime hubs and will work with international authorities. Their goal will be to disrupt, arrest and charge individuals and groups targeting Australians using a range of tactics including phishing and malware. Cryptocurrency, used by cybercriminals to launder their ill-­gotten gains, is also expected to be a target of the AFP crackdown.

Whilst this initiative will hopefully deliver important results in the fight against global fraud syndicates, it is important to remember that most Invoice Redirection and BEC attacks see funds transferred from the victim to an Australian bank account that is controlled by a Money Mule. Only then are the funds sent offshore. Making sure your EFT payments aren’t being remitted to a Money Mule’s account is the most effective way to avoid these types of attacks.

The Homoglyph Attack: Turning “O365” Into “0365”

Read more about this article

For the 24^th time, Microsoft used American courts to force domain registrars to take down 17 websites that were engaging in homoglyph attacks.

In a homoglyph attack, scammers spoof legitimate website domains with a range of tricks, such as using a zero instead of the letter “O.” This tricks victims into entering usernames and passwords into what they think is a legitimate web application.

In their attempts to gain access to email accounts so they can launch Business Email Compromise attacks, scammers regularly seek to spoof Microsoft O365 web applications. It is believed the group behind these homoglyph attacks is located in West Africa.

As scammers become more sophisticated, it is essential that all your staff understand the risk that homoglyph attacks pose to your organisation and vigilantly check domain names before logging into any sensitive web applications.

Sydney Man Charged with Role in BEC Scam

Read more about this case

On 27 July, NSW Police were notified that a government agency was defrauded to the tune of $942,700 due to a Business Email Compromise (BEC) scam.

According to reports, an invoice had been submitted to the government agency, but prior to payment, a request was made to change the bank details. The funds were subsequently transferred to the personal bank account of a suspected Money Mule.

One day after NSW Police had been alerted to the scam, a 51-year-old man was arrested at a bank in Sydney trying to withdraw $900,000. He was charged with dealing with the proceeds of crime.

According to Cybercrime Squad Commander, Detective Superintendent Matthew Craft, the arrest was possible due to the government agency engaging early with law enforcement.

“We must congratulate the agency involved for reporting this matter to police so quickly, it is a great example of the relationship between police and the financial institutions when investigating matters of this nature,” Det Supt Craft said.

The lesson for any victim of a BEC attack is clear – act quickly to report any suspected fraud to relevant authorities. Once stolen funds have been withdrawn by a Money Mule, they are usually sent to offshore bank accounts, reducing any chance you may have had to recover your funds.

AFP Recovers $8.5 Million

Financial Review: Read more

The Australian Federal Police (AFP) clawed back nearly $8.5 million in the past year taken from local businesses by cybercriminals who tricked them via email into paying fraudulent invoices. Despite this success, it represents a small percentage of the $128 million lost to payment redirection scams last year.

The AFP’s Business Email Compromise (BEC) taskforce, known as Operation Dolos, was established in 2020 to help disrupt the global syndicates that are often behind BEC attacks.

In one recent case, two amounts worth $520,000 and $2.1 million, were erroneously paid into a Singaporean bank account. The scam was discovered after the second transfer and reported to NSW Police, who referred the matter to the AFP to go after the money.

Working with Interpol and Singaporean authorities, the $2.1 million payment was stopped by Singapore Police from being transferred into another account by the scammers, and the money was successfully recovered. The first $520,000 had already been shifted.

Once again, this case highlights the importance of speed in alerting authorities as soon as you suspect you have become the victim of a scam. Any delay will almost certainly make it impossible to recover your funds.