Cyber Crime - Bunker company defrauded of $1 million in 'phishing scam' @GrayPage

Bunker company defrauded of $1 million in 'phishing scam'

A bunker company in Malaysia claims it has been the victim of a phishing scam.

The owner of the company has told police that it has been defrauded of RM4.5 million (US$ 1 million).

The Malaysian National News Agency (BERNAMA) quoted the police chief in the northwestern Malaysian state of Kedah as saying the company made two reports to the police, one on June 8 and another two days later on June 10.

It claimed it had been deceived into making two transactions to a bank in Greensboro in the United States on May 31 and June 2.

“We believe [a] spam email was sent to the company by an international syndicate, which set up an email account that is similar to the Singaporean company where it gets its oil supply from,” the police chief, Datuk Asri Yusoff, was quoted as telling a news conference.

“The complainant only realised he had been cheated after the real supplier contacted him for payment."

Assessment and Analysis

Malaysian police believe Spyware was embedded in the victim's computer allowing the perpetrators of the fraud to read email exchanges between the bunker company and its fuel supplier.

“After obtaining the information between the two companies, a [crime] syndicate member would create a fake email masquerading as the supplier to invoice the victim for payment into a bank account," said the police spokesman.

He urged companies to check with their counterparties before making payments to accounts that differed from the usual number.

He said police were still investigating the incident and would cooperate with the International Police Organisation (INTERPOL).

Go to Gray Page Threat Picture

Image: Bunkering tankers off Singapore (Southern Cross Maritime)