Paria claws back 75% of money lost in phishing scam

PARIA Fuel Trading Co Ltd chairman Newman George said 75 per cent of funds lost in a $1.3 million phishing scam have been retrieved by the company in a court settlement.

He made the disclosure in response to questions by Wade Mark, chairman of Parliament’s Public Accounts (Enterprises) Committee (PAEC) which sat on January 15 at Cabildo Chambers, Port of Spain. Mark said the scam had involved a sum of US$200,264 (roughly $1.3 million) plus another sum of $168,000.

George, in reply, confirmed the first sum, while Paria finance lead Daren Lal addressed the $168,000 as a legitimate payment.

Lal said the $168,000 “was the VAT portion of the invoice and was successfully paid to the supplier, so there was no issue with that portion.”

Mark asked George if he anticipated recovery of the other 25 per cent of the US$200,264 sum or was it expected to be a write-off.

Lal fielded the question.

“The recovered amount as indicated was US$147,000. The difference, we think we will have to write off that amount based on the settlement.”

Mark interjected, “When you say ‘settlement’, do you mean settlement with the fraudsters who stole our money?”

Lal replied, “Following the incident a lawsuit was filed by another party impacted by the fraud.

“Paria was joined in this claim due to its involvement in the fraudulent transaction and the litigation resulted in the freezing of the account where the funds were diverted.”

Lal said the defrauded funds had been diverted to an account in the US, even as other parties had been affected by this phishing incident.

“When the legal proceedings unfolded it became clear that the uncertainty and costs associated with the litigation was significant for all parties involved.

“Consequently, an agreement was reached to settle the matter in a way that was mutually beneficial and this is where Paria was able to recover the 75 per cent of the losses after all parties agreed on settlement.”

Lal agreed to Mark’s request to provide a copy of the court judgement.

Replying to Mark, Paria general manager Mushtaq Mohammed said the matter had been reported to the police service Fraud Squad which is doing investigations.

Mark asked if Paria had done any internal investigation into the fraud.

“You had to be hoodwinked, whoever was in charge of that unit, to allow some strange being or body writing you and telling you ‘X’. This is not the body that did the job but somebody else contacting you and saying ‘Things have happened. Send this money not to the people who did the job but to this new person.'”

He asked what sanctions were imposed on whoever in Paria had fallen for the scam.

“Did the company conduct an investigation? Was anyone held liable for that situation?”

Mohammed said Paria’s internal investigation had led to recommendations for a tightening of policies, training of staff on phishing and re-education of employees.

All staff undergo monthly training on electronic fraud, he said. “We feel those measures have been successful in being able to mitigate the risk of future losses.”

No further fraudulent acts were suffered by Paria since 2022, he assured.

Replying to PAEC member Rushton Paray, Mohammed deemed it a cyber attack against Paria.

Paray was amazed that one person had the authority to approve $1.3 million and had subsequently received just a slap on the wrist and got re-education.

He found it hard to believe the banking system had raised no red flags on the transaction and that no-one had been punished.

Michael Quamina, chairman of Trinidad Petroleum Holdings Ltd which includes Paria, and Heritage Petroleum Co Ltd, offered insights into cyber-attackers/online fraudsters.

“They constantly send you e-mails with variations of the e-mail address to test, to make sure people read it very carefully.

“You would be amazed, on a global scale, how often it is that people don’t realise there is a slight change in the name and this is how this phishing takes place.

“So it is not unusual that circumstances will arise where this occurs but you can’t necessarily vest the person who was the victim with any type of intent, unless it is they had gone through the significant amount of training.”

Mark asked who in the organisation had the final say on authorising what turned out to be the fraudulent payment. “There ought to be checks ad balances.”

Newsday understands that on November 1, 2022, a contractor requested payment from Paria for work done on two tanks, and payments were made of US$200,264 and $168,000 to their US account. However a second e-mail to Paria from a California IP address gave a change in bank details, with a slight change in name, facilitating the fraud.

Subsequent inquiries found Paria had not undertaken internal processes to verify the change in details, even as later on the internal auditor recommended a phone call to verify the changes, using an authorisation change form and awareness training for Paria staff.

The post Paria claws back 75% of money lost in phishing scam appeared first on Trinidad and Tobago Newsday.