Police Investigate Fraudulent Domain Registrations Targeting Icelandic Companies
Authorities in Iceland are currently grappling with a rising threat as foreign fraudsters have been discovered purchasing domain names that mimic those of local companies. These deceptive domains are designed to create the illusion of legitimacy, aiming to exploit unsuspecting businesses.
Steinarr Kristján Ómarsson, a police officer in the computer investigation department for the capital area, explained that these fraudsters are conducting thorough reconnaissance on various firms. They are reportedly lifting the names of CEOs, managing directors, and other representatives to mislead potential victims.
The Mechanics of the Scam
Communication from these fraudsters often occurs through fabricated email addresses. However, police have yet to uncover evidence suggesting the creation of fake social media profiles impersonating these company representatives. Most of the fraudulent domain registrations have occurred in two foreign countries.
The ultimate goal of this scheme appears to be ordering products from legitimate foreign suppliers under the guise of being the Icelandic companies, with invoices directed to Iceland but goods being shipped elsewhere. While there have been no confirmed cases of local businesses suffering direct losses, Steinarr urges vigilance, noting, “There’s a reason for caution.”
Confidentiality in Action
To protect those affected, the involved companies have opted to remain anonymous—a decision supported by the police, given the absence of public interest in identifying them. Steinarr observed, “We’re keeping this confidential because it can be sensitive for these companies as well.”
The situation began to unfold in mid-October when reports surfaced involving three separate companies, followed by a fourth case on November 11. In response, Icelandic police have communicated with authorities in the countries where the fraud originated, utilizing both national channels and Europol.
Ongoing Monitoring Without Major Investigation
Currently, there is no expansive investigation into the matter, as Steinarr clarified that police efforts are primarily focused on monitoring the situation. “This is mostly a preventive measure, as we are following up on any new information that arises.” The complexity of the fraud makes it difficult to trace; the use of anonymous email services and foreign domains exacerbates the challenge for law enforcement.
“We’re not expending too much energy on this at the moment. Our priority is to monitor and alert companies,” Steinarr emphasized. He encourages business representatives to remain aware, maintaining critical communication with suppliers and approaching unusual inquiries with skepticism. His advice resonates clearly: “Be vigilant. Scrutinize all supplier communications and take note of the details.”
