Criminals use 'data harvesting' to take over bank accounts and steal millions
Sophisticated criminals are "taking over" bank accounts of unsuspecting consumers then stealing their money.
Specialist gardaí are investigating the new type of organised fraud known as 'data harvesting' - which has already netted criminals millions of euro here.
It is described as an "account take-over" because it involves criminals stealing victims' bank details and then siphoning money from their accounts.
Detectives suspect that in some cases the information is being sold over the so-called 'dark web'.
A special countrywide operation targeting criminals involved in this type of fraud is being co-ordinated by the Garda National Economic Crime Bureau (GNECB).
Gardaí have secured charges against two foreign nationals who they believe are involved in this crime.
"The suspects involved in this illegal trade of information in Ireland can work in financial institutions, insurance companies and even just mobile phone shops," a senior source said last night.
"Essentially the risk can be any place of business where direct debits are set up - where someone provides their bank details," the source added.
In most cases the victims do not know that they have become a victim of data harvesting until they notice suspicious transactions on their bank statements, or if they are informed by their financial institution.
The financial institutions are obliged to refund the cash to affected customers.
The GNECB is currently investigating around half-a-dozen separate cases of 'account take-over' and more arrests are expected in the coming months.
Specialist officers from the GNECB are involved in the detailed investigations.
In one case, a man is suspected of obtaining over €200,000 after data harvesting over 40 bank accounts.
In many cases, so-called 'mule accounts' are set up to facilitate the transfer of the funds. "This is a very sophisticated type of crime and it is all about organised criminals taking advantage of the internet," a source said.
"Gardaí are making good progress and there have been some very significant arrests but more will happen in the near future."
The data-harvesting scam is different to invoice redirection fraud, which gardaí said last month had led to almost €4.5m being stolen since the start of the year.
Invoice redirection fraud happens when a business falls prey to requests, purporting to be from trusted suppliers or service providers, that a beneficiary's bank account details have been changed.