By Patience Nyangove and Marianne Nghidengwa
THE police have launched an investigation into a phishing syndicate that has potentially netted millions of dollars in Namibia, after targeting a host of local entities, which so far include a private hospital, a parastatal, at least three government ministries and a national university.
The defrauded entities fell for the scam after they were sent emails informing them that their security company service provider had changed its banking details to an Absa account in South Africa.
Although the investigation is still at an early stage, police sources confirmed to Confidente this week that at least 10 Namibian entities had been targeted by the phishing scam.
Among the entities that have suffered losses are the Namibia University of Science and Technology (NUST), which allegedly lost N$1.8 million to the fraudsters, according to senior university sources.
The Electricity Control Board (ECB) has lost N$39 000, and the Rhino Park Private Hospital has reported losses of N$120 000 to the scam. In all the cases, the tricksters wrote emails in which they informed the victims that Namibia Protection Services (NPS), a security service provider, had changed its banking details.
However, this may just be the tip of the iceberg, as the police investigations, which include cooperation with Interpol, expands to include further cases.
NUST sources told the Confidente this week that the university had paid two instalments, totalling, N$1.8 million into the Absa account, with both transfers taking place in September last year.
Confidente is also informed by police sources that the agriculture, mines and health ministries had also been targeted by the fraudsters, although no cases have been opened to date.
In the case of NUST, Confidente is informed that the fraudsters emailed the institution in August last year, claiming that NPS had changed its banking details.
NPS Chief Executive Officer, Cobus Visser, told Confidente this week that the company had never changed its bank details, and got wind of the scam two months, after NUST had transferred the money.
“We never changed our bank account, and we never forwarded (NUST) documents informing them of any such changes. It’s a scam we picked up two months, after the money was paid into the (Absa) account. They even faked our letterhead and my signature. We did not suffer any losses, as NUST paid us what they owed us,” he said.
As part of the scam, a letter was sent on an Absa letterhead, confirming to NUST that Namibia Protection Services account was now held by the South African bank.
The falsified Absa letter was signed by a certain Rinay Roopnarain, whose name has been used in similar phishing scams, as far back as 2012.
Investigations by Confidente have revealed that a real Rinay Roopnarain exists and was at some point employed by Nedbank South Africa, FNB and Absa.
ECB and Rhino Park Private Hospital also confirmed later that the fraudsters had changed NPS’ bank account details.
National Police spokesperson, Deputy Commissioner Edwin Kanguatjivi, confirmed on Wednesday that NUST, ECB and Rhino Park Private Hospital had incurred losses as a result of the phishing fraud.
“These companies have opened cases with the police, after fictitious emails, using Gmail accounts, were sent to them, informing them of changes in bank details. We are investigating the cases and at the moment, and we can’t say whether these scammers are working alone or with people within the defrauded companies,” Kanguatjivi said.
“No one has been arrested yet. What complicates matters is that the majority of the bank accounts used are Absa accounts, and this means we have to work through Interpol to investigate the matters,” he said.
He also revealed that the ministries of health, mines and agriculture had been targeted by the scammers.
ECB’s Legal and Corporate Communications Officer, Johann Malan, said that the parastatal lost N$39 000 between December last year and January this year.
“The money was meant for our security service provider (NPS); we received letters that the security company had changed their banking details. The documents looked genuine. They were on a letterhead, so we paid N$39 000 into the account provided to us. We only learnt at a later stage that it was a scam, because the security company enquired about their outstanding payments. We are currently working with banks to see if the matter can be reversed, but it’s a bit late because the money was withdrawn. We have also opened a police case,” Malan said.
“Following this incident, we have definitely sharpened our internal processes, to prevent this from happening in future.”
Meanwhile, Rhino Park Private Hospital’s Financial Director, Corna Smith, said that it lost N$120 000 to the scam.
They too received an email from their security company supplier, which claimed that bank details were being changed.
“Yes, there was such a case in which we lost about N$120 000. We received an email stating that bank account of our supplier had changed. It looked genuine, because of (official) stamps, and it was presented on a letterhead. “We deposited the money around December and January this year, we later realised it was all just a scam. We will never change bank accounts like this again, until people themselves come to us and sign the relevant documents.” NUST Director of Communication and Marketing, Kaitira Kandjii refused to divulge further information, saying that the fraud was still under police investigation.
“The matter is receiving our full attention, and due to the fact that it is still under police investigation, we are not at liberty to communicate any details thereon. Furthermore, may it be noted that the amount in question is N$600 000, and not N$1.8 million, as you indicated. The matter is at the moment of a sensitive nature, and only once the investigations are concluded, we will be able to update you on the developments.”
Confidente. Lifting the Lid. Copyright © 2015