Skip to main content

A growing email scam has cost a major airline millions of dollars

email scam tricks major airline japan airlines
Japan Airlines
As individuals, we all know we have to keep our wits about us when we’re online. If you’re really unlucky, a couple of ill-considered clicks or downloads could quickly ensnare you in a scam that ends up costing you hundreds of dollars, possibly more.

But if you’re working for a company and your job is to make big payments to other businesses, the stakes are much higher. And yes, even global players can get caught out.

Take Japan Airlines (JAL). This week the international carrier admitted it had fallen victim to an email scam that cost it a not-insignificant 384 million yen (about $3.39 million).

Known as “invoice redirect” or “business email compromise,” it seems that at least one JAL employee was tricked into making several payments to bogus bank accounts. One account purported to belong to a U.S. financial services company which had been leasing a plane to the airline, but it had in fact been set up by fraudsters, the Japan Times reported.

In such cases, cybercriminals first hack the service-providing company’s email system to gain information about its business procedures before using the gathered data to approach its customers for due payments. Posing as the company, the scammers contact the customer by email, even going so far as to imitate the writing style of the person that usually sends such emails. The correspondence will include invoice and bank details, and if the two companies have a history of doing business, there might even be a bogus explanation as to why the bank information has changed.

Recipients sometimes fail to spot the red flag presented by the change in bank details as they’re already expecting to make the payment to the company, so in their eyes nothing seems out of the ordinary.

In JAL’s case, an employee first transferred around 360 million yen ($3.17 million) to the criminal’s Hong Kong account for the lease of a plane when they believed they were paying into the account of the financial services company. This was soon followed by another payment of around 24 million yen ($212,000) into a different Hong Kong account that JAL thought belonged to an American logistics firm it had had dealings with. In the case of the first transaction, JAL only realized it had been scammed a month later when the company got in touch to inquire about its payment.

The incidents took place in September but came to light this week when the airline revealed it was working with law enforcement in a bid to find the perpetrators and track down the money.

In a similar incident reported on Thursday, December 21, scammers tricked officials at Dublin Zoo in Ireland into paying 500,000 euros ($590,000) into a fake account. Fortunately for the company, 370,000 euros ($440,000) of the total amount has been frozen and will be returned to the zoo, though the remainder may be lost.

The sting, which has become more prevalent in the last couple of years, targets companies big and small around the world. Experts suggest that an employee making a payment to an outside company first call it to confirm the validity of the emailed invoice and also the bank details contained within it, and to call again once the funds have been sent to ensure they’ve been received.

Cases like this surged in the U.S. last year, with fraudsters attempting to steal a total of more than $5.3 billion, the FBI said.

Trevor Mogg
Contributing Editor
Not so many moons ago, Trevor moved from one tea-loving island nation that drives on the left (Britain) to another (Japan)…
How to get Microsoft Office for free
A person using a laptop that displays various Microsoft Office apps.

Microsoft Office, or Microsoft 365, is a premium application suite that you need to pay for to get full access to. That is, unless you use the web apps, or the free trials, or you're a student. Then you can get Microsoft Office for free. And don't forget the excellent Microsoft Office alternatives you can try (for free!) too.

Here's how to get Microsoft 365 for free, in a few different ways.

Read more
This Lenovo Legion gaming PC with RTX 4080 Super is $660 off today
Lenovo Legion Tower 7i gaming PC sitting on a table.

Gamers who are planning to upgrade their gaming PC should consider the eighth-generation Lenovo Legion Tower 7i with the Nvidia GeForce RTX 4080 Super graphics card. That's because this machine is on sale from Lenovo with a 20% discount, which is equivalent to $660 in savings. From its original price of $3,300, it's down to $2,640 -- it's still not cheap, but it's actually a steal price for a gaming desktop that's this powerful. You're going to have to be quick in completing your purchase though, as the offer may be gone as soon as tomorrow.

Why you should buy the Lenovo Legion Tower 7i Gen 8 gaming PC
The Lenovo Legion Tower 7i Gen 8 challenges the best gaming PCs with specifications that will let you play the best PC games at their most demanding settings. In addition to the Nvidia GeForce RTX 4080 Super graphics card, it's equipped with the 14th-generation Intel Core i9 processor and 32GB of RAM that our guide on how much RAM do you need says is the sweet spot for high-end gamers. There's no such thing as a future-proof gaming PC as you'll eventually have to upgrade its components -- with easy swapping of parts being one of the advantages of gaming desktops over gaming laptops -- but the Lenovo Legion Tower 7i Gen 8 comes close as you'll be prepared for the upcoming PC games of the next few years.

Read more