Authorised push payment. Any advice appreciated.

wandererz

If it's a small to medium sized company, chances are that they are using an online system for invoice generation, billing, accounting etc.

It could be that system which is compromised. It could even be someone working for that company elsewhere in the world who is monitoring what invoices are being sent out and to whom and adjusting them accordingly.

Anything is possible.

Again, it would be interesting to see what country the IBAN belongs to.

I assume you have provided the IBAN details to Revoluts fraud department as well?

magnetic zero

https://www.boards.ie/discussion/comment/123040362#Comment_123040362

It was a UK Revolut Iban. In hindsight, that should have aroused more suspicion from me

mikehammer..

Id be going old school methods if possible from what i'm hearing about revolut and bank transfers

The Co's want bank transfer anyhow as theyre non retakeable

Del2005

https://www.boards.ie/discussion/comment/123039143#Comment_123039143

Their data breach while it could of lead to them getting your email address had nothing to do with the fraud. At most they are guilty of miss handling data, which is a serious offence, but the fraud is entirely on you.

magicbastarder

bit late now - but when i'm transferring large amounts of money like this, i always transfer a token amount and then verbally confirm with the recipient that they got it before repeating with the full amount.

DoraDelite

https://www.boards.ie/discussion/comment/123040462#Comment_123040462

It's entirely possible that the company were hacked. I work in an area of IT security where I sometimes need to analyse header of emails to determine their origin, whether they're spoofed or not etc. I'd be happy to try and help you on this via PM if you want?

magnetic zero

https://www.boards.ie/discussion/comment/123040477#Comment_123040477

It wouldn't be a particularly big company. They have done work recommended by other people locally.

The day after I made the payment I outlined all the account details to Revolut through their chat facility and explicitly said that the fraudulent payment had been made received by that account. They maintained that they could do nothing except contact my bank and ask them to make the request to withdraw the payment. All of this extra time would have allowed the scammer more opportunity to remove the funds. It was infuriating.

mikehammer..

https://www.boards.ie/discussion/comment/123040508#Comment_123040508

Nice one

magnetic zero

https://www.boards.ie/discussion/comment/123040494#Comment_123040494

That will be my approach going forward.

magnetic zero

https://www.boards.ie/discussion/comment/123040501#Comment_123040501

I acknowledge that I paid the money willingly, so from that point of view it is absolutely my responsibility. That's my fear.

That I could have predicted the invoice I received was likely to be different to the one my wife received would not be realistic. We spoke to confirm we both received the invoice. My mistake was not checking that the payment details were the same. I would not have automatically presumed that one of the emails was fraudulent.

magnetic zero

https://www.boards.ie/discussion/comment/123040508#Comment_123040508

Yeah. That was a costly mistake on my part.

magicbastarder

reading back through your posts - you mention that the original mail to your wife has you CCed on it, but you did not get the original mail? that could point back towards your account being compromised. which is not to say that the company was not compromised. someone could have access to the company's info and thus possibly have a list of email addresses of people who are expecting to be invoiced, and hacked the email accounts of those customers.

magnetic zero

https://www.boards.ie/discussion/comment/123040616#Comment_123040616

Yes, I never received the legitimate invoice despite being Cc'd. I'd agree that to me, that would indicate an issue on my side. The fraudulent emails then continued to be received by both myself and my wife. Initially she confirmed with the scammer, that she had received the invoice through her email. Subsequently, when it came to payment, I was then in contact with them to confirm payment.

wandererz

For small payments (less than €100) I could (in theory) tap my Sumup machine or the app on my phone against someone's pocket/wallet and get a small amount. Same as if you were paying for something at a shop.

For larger transactions, especially if it was a push transaction, the bank will argue that you logged in, you authenticated with your username/password & pin code and possibly a card reader so it must have been you.

They did their duty of care as much as possible and in the same or similar way to other institutions and according to best practice, so it's not their problem.

Unfortunately, you may not get very far with this.

If and when you can get in touch with the company (keeping in mind builders holidays over Xmas / New Year) explain the problem, show them proof. Suggest that it could have been a compromise on their side for the scammer to know all this information.

The company will still need to be paid, so suggest a payment plan if possible.

noodler

If the company's email has been breached/hacked whatever then they definitely know it (how likely is it you are the first?).

I think I'd hold tight OP.

The very fact they've been radio silent for weeks rather than hounding you for payment is curious.

Christ though, I'll never make another bank transfer again.

893bet

https://www.boards.ie/discussion/comment/123040616#Comment_123040616

Did you receive it and did they have access to delete that mail from your account in order to then replace it with the fraudulent one?

magnetic zero

https://www.boards.ie/discussion/comment/123040645#Comment_123040645

Thanks. Yeah, I don't feel as though the bank are culpable. The only query might be around if they delayed taking prompt action to try to have the payment blocked. Would I be entitled to know exactly when they initiated the process to block the payment? Bear in mind I rang them on a Saturday morning. Information online indicated that payment to the UK FROM the AIB app could take up to 48 hours, but it must have gone through quicker, or else the process to block the payment takes longer than a couple of days. Either way, you are told to wait to see if money returns to your account. If it hasn't, then there is nothing else they can do.

The Continental Op

OP if you paid to a "UK" bank do you have any form of protection from the UK's new banking regulations?

https://www.bbc.com/news/articles/cy94vz4zd7zo

magnetic zero

https://www.boards.ie/discussion/comment/123040651#Comment_123040651

I expected that I had, and that I had subsequently paid the scammers fraudulent one instead, but looking back through my emails I didn't have the legitimate invoice email. Whether a scammer had access to my emails, in order to delete the legitimate one, and replace it with a fraudulent one is unknown really.

magnetic zero

https://www.boards.ie/discussion/comment/123040705#Comment_123040705

That is something I hadn't considered. Maybe the fact I made the payment from an Irish account might be an issue there. Also, as this payment was before these rules were implemented I presume that's another problem for me. Thanks for the suggestion though.

Edit. Those rules are what I was referring to earlier when I read that people in the UK were protected from this type of scam to a much larger degree.

mrslancaster

…”The only difference was that it was sent from the name of the individual who installed the system as opposed to the company name, and then on the invoice the payment details were different. The phone number on the main invoice was the same as the legitimate one from the company director”…

So much to untangle. OP just to be clear. Were there two invoices issued in the company name and just sent from different emails, or was one issued in the company name and the other issued in the name of the installer?

If both invoices were issued in the company name, then I’m not seeing how this is the OP’s problem tbh.

1) invoice from the company email address, (accounts dept)

2) invoice from the email address of the installer, (worker, sales dept, company director / proprietor)

3) OP paid his bill to the bank details on the invoice received from the installer’s email

4) Company claim they were not paid so will not fix ongoing issue

Sympathy for the business if they have been scammed of course but I think it’s the company that needs to follow this up with Gardai and not the OP. To be fair, how was OP expected to know that the bank details on the invoice he received were different to the bank details on the invoice his wife received? Both came from emails within the company - same invoice as far as OP was concerned.
For example, we get renewal invoices from an insurance broker 4/6 weeks in advance, and then a reminder a week or so later. We never compare the bank details on the reminders to make sure they match the renewal invoice. (Obviously need to do that in future.) However, if the broker said they hadn’t been paid, but we could produce emails and proof of payment to the bank on the reminder, I don’t believe that would be our issue to resolve when we paid in good faith based on their documentation.

Also, how was OP to know whether the supplier had more than one bank account for the business? They could have several, different branches, cross-border trade etc.

It all sounds a bit suss to me.

ginger22

https://www.boards.ie/discussion/comment/123040642#Comment_123040642

It would be very unusual for a legitimate company to use a revolute account to receive payments. It should have set alarm bells.

Having read your posts it would appear to me it was a company employee that arranged the scam, either someone directly involved with the transaction are someone who would have had sight of the invoice.

Lenar3556

Another possibility, and one which I think should not be overlooked is that this suspect invoice was in fact sent by the firm, or people affiliated to it, with a view to receive the funds into another bank account.

There could be a variety of reasons - perhaps there are some disagreements between individuals within the firm, maybe the firm is likely to go out of business and this was an attempt to divert funds out of their normal bank account potentially to place the funds outside the reach of creditors.

The fact that they have been uncontactable since November despite 6 phone calls is significant. I wouldn’t ignore someone for the guts of 2 months who owed me €10k.

You don’t detail the nature of the technical issue you are experiencing, and it’s not clear either why they have been unable to resolve it, but you may need to engage someone else to have a look at that.

I certainly wouldn’t be transferring any further funds to anyone as things currently stand. Invoice redirect fraud remains a possibility, but when you look at the bigger picture, I think there is cause to treat the firm themselves with some degree of suspicion.

magnetic zero

https://www.boards.ie/discussion/comment/123040751#Comment_123040751

Apologies for the confusion. I was probably unclear. My wife received the legitimate email e.g info@ company name.ie

Then over two hours later I received the cloned information but this was from

Installers name<info@company name.ie@caramail.com>

In hindsight if I was comparing both addresses, my suspicions would have been aroused. I don't realistically believe the fraudulent email was sent by the company.

magnetic zero

https://www.boards.ie/discussion/comment/123040762#Comment_123040762

Using Revolut didn't set off any alarm bells to be honest, but maybe it should have. I took for granted it was a legitimate request from a legitimate business.

magnetic zero

Thanks for your input. I also am left wondering why the installer won't return the calls.

I have left voice messages regarding the issue ( eddi solar water heating system is not working and cuts out as soon as the immersion element is triggered) My plumber has twice replaced the heating element, so I believe the issue is with the unit itself. I was hoping the company would replace the unit at this stage.

I suppose if they feel I'm not making contact about paying them, then they are not interested. That's just a guess on my part.

Lenar3556

https://www.boards.ie/discussion/comment/123040848#Comment_123040848

The Eddi is a relatively small piece of the overall system, which is a positive - you will be able to have someone get to the bottom of that if necessary.

Ignoring you is a very poor strategy from anyone looking to collect their money, (if they haven’t in fact received it)

Alot of the firms offering PV are new ventures. In many cases if you were to look under the bonnet they have very little employees, and are effectively sales agents, subcontracting all of the work to others. I am not saying there is anything necessarily wrong with that, but they don’t have a lot of skin in the game so to speak and the firms can be wrapped up quite quickly.

eusap

did you check your deleted items folder to see of the orignal email was binned? by a hacker?

magnetic zero

https://www.boards.ie/discussion/comment/123040922#Comment_123040922

Thanks for the reply. Yeah, I'm not overly concerned by the eddi aspect. We have a back boiler to heat water and that's fine for the moment. Just frustrating being left on the long finger. When the warmer weather comes later in the year, and I wouldn't be turning on the stove anyway, then it would be an issue.The company have gotten a lot of local work, and I would have had no problem recommending them. Hard not to feel I'm just being ignored at this stage. I understand it must be annoying them too.

magnetic zero

https://www.boards.ie/discussion/comment/123040984#Comment_123040984

I checked my deleted folder at the time and I didn't find the legitimate email that I was supposed to receive.