Thursday 22 August 2019

Cyber crime 'rampant against the elderly'

HACKERS: Cyber fraud is usually carried out offshore
HACKERS: Cyber fraud is usually carried out offshore
Maeve Sheehan

Maeve Sheehan

Cyber crime is "rampant" in Ireland, with gardai investigating up to 30 businesses targeted by offshore hackers and 100 cases of mostly older people who were tricked into disclosing their bank details.

The cases - just some of those reported to the Garda Bureau of Fraud Investigation - represent just the "tip of the iceberg", according to Chief Superintendent Pat Lordan.

Between 10 and 20 Irish companies have reported to gardai that their systems were subjected to "denial of service" attacks, in which they were infiltrated by hackers demanding ransoms, sometimes for as little as €5,000, in order not to shut them down.

The companies that came forward to gardai did not meet ransom demands, but it is suspected that other companies did, but did not to report it.

Another cyber fraud has prompted 15 complaints to gardai this year alone. The so-called 'invoice re-direction' fraud involves cyber criminals hacking into a company's systems, finding out who it is doing business with and posing as a supplier. They send mock-up emails directing a change of bank details.

"Sometimes it might be five or six weeks before a company is aware that it is a fraud, and at that stage, the money is gone," said Detective Superintendent Gerry Walsh.

As a result, the crime is difficult to investigate and "the guy who actually benefits is not known".

One firm was almost stung for €3.7m after receiving a bogus "change of bank details" email. The money was transferred out of the company but the transaction was stopped.

Detectives have been told there is a trade in inactive or little-used bank accounts that are used by hackers as "mule" accounts. In particular, they have been told that Irish students are being "touted" on behalf of offshore hackers to sell their inactive bank accounts for up to €100 a go.

They say Irish criminals are beginning to get in on the act, using the dark web to move drugs and organise deals and are "bringing in expertise" into their organised crime gangs, by recruiting youngsters who can hack.

A small number of teenagers, aged from 14 to 18, are currently under investigation for suspected hacking of businesses and websites.

While they are not linking up with criminals, they are capable of wreaking enormous damage, detectives said.

According to detectives, amongst the biggest victims of computer crimes are elderly people. Of the 100 reports of "vishing" currently being investigated, the victims were mostly older people. Detectives believe their names were chosen randomly from telephone books, as the scam can only operate on a landline.

In one case under investigation, the caller rang landlines posing as a security manager for a store, claiming their bank card details were being used without authorisation.

The householders were asked for their credit card details and those who did not disclose them were advised to ring gardai or banks.

The caller did not hang up, so when the victim tried to ring out they were still unknowingly connected to the fraudster, who posed as the bank agent or police officer.

One of the "vishing" victims lost €62,000 that was transferred to the fraudster's bank account.

Chief Superintendent Pat Lordan appealed to businesses that have been targeted by cyber criminals to report the attacks.

He said: "If businesses don't let us know they have been hacked, we are lacking then in information for the next time it occurs.

"I think we are only getting the tip of the iceberg."

Sunday Independent

Editor's Choice

Also in Irish News