A million-cost inattentiveness

• Investment & transactions

Have you ever heard of multiple phishing attacks resulting in huge losses and extremely nervous mood under such circumstances?

Phishing is a type of Internet fraud. It means that fraudsters are trying to deceive a certain range of persons by pretending to be them. A sort of bait can be fake website with databases (e.g. when fake email differs from the counteragent’s address just by one letter), while a sort of prey can be non-disclosable information (e.g. about potential product supply).

As the result, the buyer cannot even notice that it is holding negotiations upon the same agreement but with another person.

Next, the buyer will receive an invoice with banking details of another company. As soon as payment is received, the seller will disappear.

Therefore, no goods and no funds…

Let us show some case study from our practice.

Case No. 1

For the long-term cooperation, the seller (Interlegal client) and the buyer entered into a contract on grain supply.

It should be noted that for the current year the Parties carrier out four deliveries, while the vessel designated for the fifth delivery was berthed for loading.

Therefore, the Parties had a long-time commercial cooperation and trusted each other for many years.

In the process of contract performance, the Parties kept calm till the moment of payment (we mean the moment of cost enrollment).

There was a usual procedure of issuing invoice, cost remittance, receiving SWIFT – but costs were not enrolled to the seller’s bank account.

So, what happened? During a certain period a group of hackers joined the correspondence: their email addresses were almost the same, except one symbol (the difference can be hardly seen).

Therefore, at the certain moment the seller held correspondence with a fake buyer; in turn, the buyer held correspondence with a fake seller.

Since the criminals conducted a mirror correspondence, there was no problem for them to hold correspondence upon the contract performance, because they received information about both the seller’s and the buyer’s status.

Following long-term monitoring email correspondence, the criminals intercepted the invoice (as soon as it was issued) and replaced bank details.

Inattentiveness resulted in loss amounting to 1,500,000 USD.

The buyer requested to pay cargo cost and the seller refused to pay twice, in view of a very large amount.

Now the parties are holding negotiations and are trying to preserve commercial relations and to mitigate losses.

Case No. 2

It concerned a contract with other payment terms. It provided for 50% prepayment and 50% balance payment at the moment of crossing the border. We note that there was a mess in standard email correspondence between the seller and the buyer. No unified message body, no reply to previous emails, but sending just new mails to each other. Like in previous cases, after issuing the invoice costs were remitted to address indicated in the invoice – is that all? Payment was successful, wasn’t it? Profit for everyone? No, there was a lot of emotional letters with payment request. Finally, everyone understood that fraudsters joined the process of email correspondence: they had almost similar address like one of the parties; therefore, the criminals intercepted the invoice and replaced details.

Although the clients got confused, their task was aimed at amicable settlement of the situation without applying to arbitration. Finally, we developed action plan jointly with all the parties and signed an agreement on amicable dispute settlement. Finally, the parties incurred not so large losses as expected.

See our recommendations – first aid in case of feeling that you became a phishing victim:

1. Attentive correspondence between the parties, reply to previous mails, a single message body;

2. Constand monitoring the Cc addresses;

3. If payment invoice has been already sent, the parties should check thoroughly bank details (a great profit is verification by phone conversation);

4. Notifying the bank on the fact of fraud followed by blocking payment or request for SWIFT (if costs have already been remitted);

5. Having received SWIFT, please notify in writing the sender’s bank the correspondent bank and the beneficiary’s bank (i.e. whereto costs were remitted) on fraud commitment. For a certain period, costs may be frozen on the beneficiary’s bank account. Our experience shows that it may last shortly.

6. Compliance with beneficiary’s bank instructions.

Action plan and first aid – it all depends on jurisdiction of the parties. For instance, in Turkey there is an unspoken rule and practice, whereunder the party who replied first to fake email used in negotiations shall be treated as guilty.

Summing-up:

The best scenario is gaining an indescribable experience in the form of endless hours of correspondence, negotiations, letters and discussions with colleagues, lawyers, bank clerks and law enforcement officers.

The worst scenario is loss of funds, goods and counteragent.

Last but not the least: you should act promptly: when you apply to us, we are ready to help you.

Nikita Kocherba

kocherba@interlegal.com.ua