Fraudsters swindled a company in Uralsk out of 8 million tenge twice.

Cybercriminals hacked into the computer and replaced the banking payment information.

https://total.kz/ru/news/finansi/moshenniki_dvazhdi_obmanuli_kompaniu_na_8_millionov_tenge_v_uralske_date_2024_10_29_10_00_302024-10-29 07:09:35

The regional chamber of entrepreneurs in ZKO was approached by the accountant of the individual entrepreneur "Oral ZBI," Aynura Sultanova. She reported that scammers had stolen a large amount of money from the organization's account twice.

On July 30, the accountant received a letter supposedly from the city department of state revenues. The letter appeared official, with a logo and signature, but upon opening it turned out to be a phishing attempt. An IT specialist from the company cleaned the computer, but two weeks later, the enterprise lost a significant amount — 4.1 million tenge. It later became clear that simply cleaning the computer was not enough; Windows needed to be reinstalled.

After 14 days, a blue screen appeared on the accountant's computer requesting a password update. She entered the combination as requested. There were minor disruptions, but the call center of Bereke Bank assured her that everything would be resolved soon.

After regaining access, the accountant transferred money to the account of "MetalInvestAtyrau" for the purchase of cement. However, two hours later, the computer froze again, and Sultanova discovered that the money — 4.1 million tenge — had been transferred to the account of an unknown individual.

The accountant noted that the transfer took only two minutes, whereas it typically takes four hours or more. The police found that the computer had been hacked via the phishing email, and the money belonging to a certain "K" was distributed across three accounts.

“While the cyber police were searching for the perpetrators, the individual entrepreneur 'Oral ZBI' lost money again. According to the accountant, on September 2, when transferring 4.4 million tenge to the account of LLP 'Caspian Cement,' the computer mouse began to vibrate, prompting the accountant to call the bank's call center. They advised her to install a mobile application and to authorize payments using an electronic key. She followed their advice and made two transfers. However, on September 20, it turned out that the money did not go to the supplier's account but again to an individual's account — this time to 'S.' The scammers altered the payment details: in the new payment document, they kept the recipient's name (LLP 'Caspian Cement') but changed the beneficiary sector code and business identification number. The receiving bank was also changed to Altyn Bank,” the source clarifies.

Aynura Sultanova inquired with the staff of Bereke Bank about why they did not reject the payment if the BIN and sector code did not match. They responded that she had signed the payment using eTokin and that the payment was processed correctly.

The accountant is outraged that changes to the payment were made after it was sent through the application, indicating a breach of the bank's system. Similar questions arose from the individual entrepreneur regarding Altyn Bank.

The regional chamber "Atameken" invited representatives from Bereke Bank and Altyn Bank to a video conference, but the banks did not respond to the invitation. The chamber of entrepreneurs in ZKO now intends to seek explanations through the National Chamber of Entrepreneurs "Atameken" regarding compliance with transfer regulations.

The acting head of the department of economic investigations, Yersain Zhumabaev, stated that he would send a request to the Agency of the Republic of Kazakhstan for Regulation and Development of the Financial Market to check the security level of the information data of clients of Bereke Bank and Altyn Bank.