Dutch bol.com deposited 750,000 euros into the fraudsters’ bank account, after the company fell into a transparent phishing attempt.
JVSource: Financieel Dagblad
Bol.com paid the scammers 750,000 euros that was already earmarked for Brabantia, which uses the bol.com platform. Then Brabantia went to the court, which now ruled in favor of the kitchen utensil producer. Bol.com now has to pay the money again.
The judge’s ruling in Utrecht shows how easy it can be to defraud. Bol.com received an email from Brabantia in November 2019 in poor Dutch language. “Keep in mind that starting today we have a change in our bank account details for incoming payments,” she says.
“From now on, all incoming payments should be transferred to our branch account in Spain. We appreciate if you can update your information.” An obvious case of phishing, but bol.com takes it up and changes Brabantia’s internal payment details. Thus, the fraudsters end up with a total of € 751,493.09.
They can forge letters and emails from Brabantia because they hacked into an employee’s email address in the fall of 2019. So Bol.com believes its employees have sufficient reason to believe that the change to the Brabantia account number was correct.
But the judge disagrees. It appears that the request to change the account number has resulted in a “healthy suspicion” on bol.com. After all, this change is known as a classic fraud scammer scam. And why would a Dutch company want to receive payments from another Dutch company into a Spanish bank account? The verdict said, “Wonderful.” Inadequate and alternating English and Dutch language should also be noted in the spoofed message by bol.com.