How Cy­ber Crim­i­nals De­fraud Fi­jians

Fiji Fi­nan­cial In­tel­li­gence Unit Di­rec­tor tells of four cases this year

Fiji Sun - - 20th Attorney-general’s Conference - JY­OTI PRATIBHA Feed­back: jy­[email protected]­jisun.com.fj Edited by Jonathan Bryce

The Fiji Fi­nan­cial In­tel­li­gence Unit has is­sued an alert af­ter four cases of cy­ber fraud were noted this year. Speak­ing to the Fiji Sun at the 20th At­tor­ney-Gen­eral’s Con­fer­ence cur­rently un­der­way at the at the In­terCon­ti­nen­tal Fiji Golf Re­sort and Spa in Nata­dola, Di­rec­tor of the Unit Razim Buksh ex­plained how in­ter­na­tional fraud­sters man­aged to dupe Fi­jians.

He ex­plained that the first way had been through email com­pro­mise.

“This in­volves the cy­ber at­tacker of­ten util­is­ing so­cial me­dia plat­form and on­line so­cial en­gi­neer­ing tech­niques to trick in­ter­net users to un­know­ingly in­stall mal­ware such as key­log­ger, com­puter virus, worm, Tro­jan Horse and Spy­ware onto their com­put­ers, work­sta­tions or wire­less de­vices.”

This is nor­mally done through ask­ing the vic­tim to click on a link sent by the cy­be­crim­i­nal through which the mal­ware is in­stalled. “This is an ef­fort to com­pro­mise and steal per­sonal sen­si­tive in­for­ma­tion such as email and other on­line ac­count lo­gin cre­den­tials. Once the cy­ber at­tacker gets ac­cess to the ac­count, they can then mon­i­tor emails, in­ter­cept­ing those that con­tain an in­voice or a pay­ment in­struc­tion to the com­mer­cial bank.

“There­fore, the cy­ber at­tacker then changes the pay­ment in­struc­tions on a cho­sen in­voice or in­tended trans­ac­tion and al­lows it to be pro­cessed usu­ally with the funds go­ing straight into a bank ac­count of a cy­ber­crim­i­nal syn­di­cate in­stead of the in­tended and right­ful ben­e­fi­ciary.”

The sec­ond method which was used this year to de­fraud four locals is email spoof­ing.

“Email spoof­ing is the cre­ation of email mes­sages with a fake or look-alike email sen­der ad­dress to mis­lead the re­cip­i­ent about the ori­gin of the mes­sage. Cases re­ported to the Fiji FIU show that look-alike email ad­dresses were used be­tween lo­cal busi­ness en­ti­ties and their over­seas sup­pli­ers re­gard­ing or­ders for im­port of goods. Cases also in­volve non-trade re­lated per­sonal for­eign re­mit­tance trans­ac­tions.” Re­cent case ex­am­ples re­ported to the Fiji FIU in 2018 on email com­pro­mise and email spoof­ing cases in­clude:

In March 2018, an email ac­count of a lo­cal bank cus­tomer was com­pro­mised and a fraud­u­lent pay­ment in­struc­tion was sent to the lo­cal bank. Ap­prox­i­mately FJ$575,000 was trans­ferred to a for­eign bank ac­count be­long­ing to a cy­ber­crim­i­nal syn­di­cate. In Septem­ber 2018, in a case in­volv­ing cy­ber money laun­der­ing, FJ$556,000 was fraud­u­lently trans­ferred from a lo­cal busi­ness bank ac­count to an off­shore “in­cor­rect” bank ac­count num­ber. In this case the for­eign sup­plier’s busi­ness email was com­pro­mised.

In Oc­to­ber 2018, pro­ceeds of ap­prox­i­mately FJ$27,000 from sale of in­vest­ment shares of a lo­cal in­vestor who is re­sid­ing abroad, was re­mit­ted to a cy­ber­crim­i­nal’s bank ac­count in an­other coun­try as a re­sult of email com­pro­mise of the in­vestor. In Oc­to­ber 2018, an es­tate prop­erty set­tle­ment pro­ceeds to­tal­ing ap­prox­i­mately FJ$845,000 was re­mit­ted to the for­eign bank ac­count of a cy­ber­crim­i­nal who pre­tended to be the ben­e­fi­ciary of the es­tate. It ap­pears that email ac­counts of the ben­e­fi­ciary and lo­cal party were com­pro­mised.

Since 2014, 39 busi­nesses and in­di­vid­u­als have lost funds to­talling $5mil­lion in for­eign re­mit­tance trans­ac­tions to cy­ber­crim­i­nals through email com­pro­mise scams. Only $169,000 was re­cov­ered. Mr Buksh said: “Com­mer­cial banks and re­mit­tance ser­vice providers are re­quired to con­duct en­hanced due dili­gence for sus­pi­cious pay­ment in­struc­tions. “Busi­ness cus­tomers en­gaged in over­seas trade should also be made aware of al­ter­na­tive and safer modes of in­struct­ing com­mer­cial banks for in­ter­na­tional trade pay­ments.” ALSO READ More re­ports >P4, 6 Ed­i­to­rial >P10

Photo: DEPTFO News

Min­is­ter for Women, Chil­dren and Poverty Alle­vi­a­tion Mere­seini Vu­ni­waqa with Fiji Fi­nan­cial In­tel­li­gence Unit Di­rec­tor Razim Buksh at the at the In­terCon­ti­nen­tal Fiji Golf Re­sort and Spa at Nata­dola on De­cem­ber 7, 2018.

Newspapers in English

Newspapers from Fiji

© PressReader. All rights reserved.