Scammers net millions with 'data harvesting'
Specialist gardai are investigating a new type of organised crime called data harvesting that has already netted criminals millions of euro.
A countrywide operation targeting the crime, which gardai also describe as "account take over", is being co-ordinated by the Garda National Economic Crime Bureau (GNECB).
Gardai have secured charges against two foreign nationals who they believe are involved in the scam.
The fraud involves criminals stealing victims' bank account details, then taking money from their bank accounts.
Detectives suspect that in some cases the information is being sold over the so-called dark web.
"The suspects involved in this illegal trade of information in Ireland can work in financial institutions, insurance companies and even just mobile phone shops," a senior source said last night.
"Essentially, the risk can be any place of business where direct debits are set up, where someone provides their bank details."
In most cases, the victims do not know that they have become a victim of data harvesting until they notice suspicious transactions on their bank statements, or they are informed by their financial institution.
The financial institutions are obliged to refund the cash to affected customers.
The GNECB is investigating half a dozen cases, and more arrests are expected in the coming months.
Specialist officers from the Garda National Cyber Crime Bureau are involved in the investigations.
In one case, a man is suspected of obtaining more than €200,000 after targeting more than 40 bank accounts.
In many cases, so called "mule accounts" are set up to facilitate the transfer of the funds.
"This is a very sophisticated type of crime. It is all about organised criminals taking advantage of the internet," a senior source said. "Gardai are making good progress and there have been some very significant arrests, but more will happen in the near future."
Data harvesting is different to invoice redirection frauds, which have seen €4.5m being stolen since the start of the year.
Invoice redirection fraud happens when a business falls prey to information, purporting to emanate from trusted suppliers or service providers, which suggests that a beneficiary's bank account details have been changed.
As a result, funds that are due to be paid out are transferred to a fraudulent account.