Local people. Local expertise. Industry leaders.
07) 4944 2000
Facebook
LinkedIn
MacAmiet Logo White
  • Home
  • About
    • Profile
    • Privacy and Credit Reporting Policy
    • History
    • Career Opportunities
  • People
    • Directors
      • Gene Paterson
      • Pat Carroll
      • John Formosa
      • Darren Sekac
      • Stuart Naylor
      • Andrew Telford
      • Samantha Sticklan
      • Paul Formosa
      • Caitlin Roberts
    • Associates and Solicitors
      • Steven Hayles
      • Danielle Fitzgerald
      • Brigid Paterson
      • Rebecca Casanovas
      • Dyane Norton
      • Jessica Kay
      • Nelson Turner
    • Notary Public
      • John Formosa
    • Migration Agent
      • Paul Formosa
  • Services
    • Legal Services (A-C)
      • Banking Law
      • Business Law
      • Civil Litigation
      • Conveyancing
      • Criminal Law
    • Legal Services (D-O)
      • Deceased Estates
      • Family Law
        • Getting Started
        • Start Now Online
        • Frequently asked questions
        • Domestic Violence
        • Local Services Guide
        • Meet our Family Lawyers
        • Family Law News Articles
      • Family Law Online
      • Immigration & Australian Visas
      • Notary Public
    • Legal Services (P-Z)
      • Personal Injuries
        • Compensation Claims
        • Motor Vehicle Accident
        • Workers Compensation
      • Planning Law
      • Powers of Attorney & Advance Health Directive
      • Property Law
      • Wills and Estates Planning
      • Workplace Law
  • Charitable Foundation
  • News
    • Latest News
    • Subscribe
  • Contact
    • Mackay
    • Proserpine
    • Whitsunday
    • Solicitor Gold Coast
  • Payments
    • Pay Now
    • Payment & Refunds

Invoice Redirection Fraud – Who is Liable?

June 12, 2020Jessica KayJessica Kay

Invoice redirection fraud commonly occurs where a third party fraudster will intercept tax invoices sent by email from one party to another or where the third party fraudster impersonates a business and convinces an innocent party to redirect funds into an account set up by the fraudster. This occurs by the fraudster gaining access to an email account or the fraudster using an email address that appears legitimate and almost identical to a trusted business which then requests the invoices be paid to the fraudsters account.

Once the amount of the tax invoice is paid to the fraudster’s bogus account, the question arises: who should have to bear the loss?  The person/ organisation who paid the funds into the fraudster’s account or the business whose tax invoice has not been paid?

The victim of the fraud is the party who has paid the funds into the wrong account.

Arguments can arise as to whether the victim of the fraud should wear the loss if the other party involved in the transaction failed to maintain adequate internet and administrative security measures, including but not limited to cyber security measures, which allowed the fraudulent alteration of the tax invoice to occur.

To determine how the fraud occurred may involve experts examining the computer from which the email was sent, the records of the service providers through whom the emails passed and the computer which received the email.

There is limited authority in Australian Courts concerning the argument as to who is to wear the loss caused by the fraudulent third party.

In Factory Direct Fencing Pty Ltd v Kong AH International Company Limited [2013] QDC 239 the Queensland District Court considered whether a duty of care was owed.

This case concerned whether a supplier of materials (defendant) owed a duty of care to the buyer of the materials (plaintiff) where a fraudulent email was sent impersonating the supplier of the materials and providing bank account details which were different to an account into which the buyer had previously paid for the materials supplied.

The Court considered, that if such a duty of care were to exist that it would be a novel one, and as such a consideration of the salient features of the relationship were necessary and included consideration of: –

  1. The foreseeability of harm;
  1. The nature of the harm;
  1. The degree and nature of control able to be exercised by the supplier of the materials to avoid the harm;
  1. The degree of vulnerability of the buyer of the materials to harm from the supplier of the materials’ conduct, including the capacity and reasonable expectation of the buyer of the material to take steps to protect itself;
  1. The degree of reliance by the buyer of the material upon the supplier of the material; and
  1. Any potential uncertainty of liability.

In this case it was decided that although the economic loss ($130,000.00) to the buyer of the materials was foreseeable given the high rates of cybercrime of this nature, the buyer of the materials was almost entirely able to mitigate the loss by telephoning to confirm the correct bank information with the seller of the materials prior to making payment.

Moreover, the Court pointed out that if a duty was to be imposed on the seller of the materials to confirm each and every email they sent to ensure that only current information was sent it would present too broad of a duty on the seller of the materials.

How this scenario would play out in other Australian jurisdictions or whether such an approach would be adopted by a higher Court remains unclear.

It is clear that businesses need to protect themselves from cybercrime.

One way to achieve some protection is to insist on two-factor authentication before making any payment (email and telephone, email and fax).  A further way is to insure against the loss and the legal and other costs associated with cyber fraud.

 

Tags: Cybercrime, Fraud, Invoice Redirection Fraud, Litigation, Redirection Fraud
Jessica Kay
https://www.macamiet.com.au/firm/jessica-kay/
Previous post Enduring Power of Attorney Next post Welcome Nelson

News

  • Applicant Receives Deceased’s Property on Basis of a Verbal Promise Fulfilled
  • Medical Negligence Claims
  • Social Media Defamation
  • Driving with an Interstate Driver Licence or Motor Vehicle
  • New Enduring Power of Attorney and Advance Health Directive Forms
  • Insurers Liable for Business Interruption Caused by COVID-19
  • Child Support: Applying for a Change of Assessment

Mackay | (07) 4944 2000

mac@macamiet.com.au
55 Gordon Street                                 Mackay QLD 4740

Whitsunday | (07) 4948 4500

whitsundays@macamiet.com.au
Whitsunday Business Centre 230 Shute Harbour Road Cannonvale QLD 4802

Proserpine | (07) 4964 6900

proserpine@macamiet.com.au
15 Chapman Street                         Proserpine QLD 4800

Gold Coast | 0419 714 015

dsekac@macamiet.com.au

 

Available by appointment & home visits available

HomeAboutPeopleServicesCharitable FoundationNewsContactPayments
© 2020 Macrossan & Amiet. All rights reserved.
Designed and Hosted by Extend Digital