A sophisticated crime group responsible for stealing £1.1m destined for a school in Bedford attempted a similar fraud to acquire a £3.2m grant, which was foiled soon afterwards.
The second offence targeted Bedford Borough Council, South East Midlands Local Enterprise Partnership (SEMLEP) and Luton Borough Council, using the earlier infiltrated email accounts.
SEMLEP and LBC were both victims of serious fraud in the first crime, in March 2020, which involved the misdirection of £1.1m local growth funding intended for Mark Rutherford School in Bedford.
“It’s clear that the modus operandi of the offenders was to use methods to mask the fraud, prevent detection and hide the criminal activity,” according to a report from the National Investigation Service (NATIS).
“This included the use of similar domain names to that of legitimate business practices in the SEMLEP community, as well as infiltrating and mimicking known employees of the organisation,” said the report.
A user account of a female SEMLEP employee was “illegally compromised by a criminal entity, which then contacted the council to advise of a change of bank account details for the school”.
The borough council discovered in April 2020 the funding had vanished mysteriously and contacted Bedfordshire Police, which led to the inquiry being handled by NATIS.
“Between March 11th and March 17th 2020, another mandate fraud was attempted against SEMLEP, LBC and Bedford Borough Council for the sum of about £3.2m,” the NATIS report revealed.
“This fraud mirrored the requests made in the earlier substantive offence concerning the school.
“Officers from LBC were requested to make changes to the Bedford Borough recorded bank details, so that the payment due to it would ultimately be redirected to another illicit account.”
Get daily FREE news here:
https://www.bedsbulletin.com/bulletin/sign-up/
Although no evidence links the two frauds currently, NATIS acknowledged that “it’s highly likely that both were committed by the same criminal entities” whether an individual or an organised crime group.
“This later fraud was detected before changes were made, so preventing any money being sent to the illicit bank account,” explained the NATIS report.
“Although this fraud is described as an ‘attempt’ it’s deemed a substantive offence, despite no money being lost by any party.
“A number of emails were sent from a genuine LBC employee’s account and those of various people at SEMLEP from March 11th-17th, 2020.
“Analysis of these emails identifies that one email account was compromised, another email account was mimicked and other SEMLEP employee’s email addresses were spoofed and appear as @SERNLEP.
“It’s believed these were deliberate ‘plants’ by those committing the fraud to add legitimacy to the email chains.
“In the email headers, the email addresses were in lower case as @sernlep, adding to the difficulty to identify the mimicked email addresses.
“On March 17th, a SEMLEP email account received an email from an LBC account chasing for updated bank account details for Bedford Borough.
“The email copies in three SEMLEP recipients, but their email handles were incorrectly written as @sernlep in lower case lettering.”
These altered email addresses were noticed and interested parties alerted to the crime.