Norfund Was Defrauded $9.8 Million in an “Advanced Data Breach” Incident

Last updated September 25, 2021
Written by:
Bill Toulas
Bill Toulas
Cybersecurity Journalist

Norfund has announced that they have fallen victims to a severe case of fraud through what they call an “advanced data breach.” More specifically, the Norwegian private equity company that has been helping developing countries fight poverty since 1997 has had a transaction end up in the wrong place after actors managed to deceive its employees. Right now, Norfund is collaborating with the police and the law enforcement authorities, trying to reverse the loss of 100 million NOK ($9.8 million).

Norfund was supposed to send this amount of money to a microfinance institution in Cambodia, which would then empower local entrepreneurs to realize their dream by offering low-interest loans. Instead of helping Cambodia fight poverty and boost its economic growth, the amount went straight to the defrauders, after the latter manipulated and falsified the information exchange between Norfund and the Cambodian entity. They sent them fake documents and payment details that would divert the amount into their pockets, and the scam worked.

The swindlers opened a bank account in Mexico using the name of the Cambodian person who was impersonated, and so the $9.8 million ended up there on March 16, 2020. From then on, they continued to communicate with Norfund, confirming the reception and laying out investment and financial plans. The story went on like this until April 30, 2020, when Norfund finally discovered what had happened. With so much precious time passed, the chances of the private equity firm getting back its money went down to zero. Apparently, the scammers were discovered only because they attempted to defraud Norfund again. Otherwise, even more time might have passed until the realization of the initial fraud would have taken place.

The Norwegian Centre for Information Security has stated that these transaction-diverting frauds are becoming an increasingly tenacious and recurrent problem for companies in the country. Terje A. Fjeldvær, the head of fraud prevention of DNB, has stated the following about the incident:

“Fraud cases of this kind are performed by very sophisticated criminals. With access to e-mail communication between two parties, they can familiarize themselves with how the parties correspond. The payments they initiate therefore deviate very little from ordinary payments performed by the victimized company and become very hard to detect and prevent.”

Norfund admitted that their security and control measures had been proven inadequate. CEO Tellef Thorleifsson said characteristically:

“This is a grave incident. The fraud clearly shows that we, as an international investor and development organization, through active use of digital channels are vulnerable. The fact that this has happened shows that our systems and routines are not good enough. We have to take immediate and serious action to correct this.”

The FBI has issued a warning recently, presenting two cases of payment diversion, underlining the dire consequences that accompany them. Seeing any amount of these fraudulent payments being reverted is a rare phenomenon. So, the best thing that you can do to protect against these scams is to call the person who is to receive the payment and verify the bank account details before you approve any transactions.



For a better user experience we recommend using a more modern browser. We support the latest version of the following browsers: For a better user experience we recommend using the latest version of the following browsers: