Natfoods Loses US$6 Million to SA Scammers
The scammers then began instructing the firm’s banks to deposit money into their own bank accounts in South Africa using the finance administrator’s credentials
IN what could be one of the biggest cybercrimes ever reported in the country, National Foods, a local manufacturer and marketer of food products, lost over US$6 million to criminals who hacked into its computer systems and accessed credentials to transfer money from its bank accounts.
The suspects, including two foreigners, engineered an intricate phishing scam that began with the scammers sending an e-mail purportedly from a South African financial institution to the National Foods’ finance manager.
Phishing is the fraudulent practice of sending e-mails disguised as electronic messages from reputable companies to induce individuals to reveal personal information, such as passwords.
Upon opening the e-mail, Natfoods’ computer system was corrupted. This gave the fraudsters access to the company’s computer system, including authorisation to process financial transactions.
The scammers then began instructing the firm’s banks to deposit money into their own bank accounts in South Africa using the finance administrator’s credentials.
Zimbabwe Republic Police spokesperson Assistant Commissioner Paul Nyathi confirmed the case.
“I can confirm that we have that case. I will have the full details by Monday.
Sources close to the case said local banks were made to believe they were receiving genuine instructions to transfer funds from Natfoods.
The funds were transferred into two South African banks — FNB and First Rand Bank — on numerous occasions between September and October last year.
The scandal only came to light in November following an internal financial audit that uncovered the suspicious transactions amounting to millions of dollars.
An investigation was then instituted to look at transactions between Natfoods and two local banks that dealt with the food processing company, and it was established that their computer system had been compromised.
“Local investigations established that the company’s computer system was hacked through the finance manager’s email.