Police were called after Highland Council was victim of a bank mandate fraud, an internal auditors’ report has revealed.
Fraudsters managed to ‘hack’ the email account of one of the council’s suppliers using malware.
They then informed the council of a change to the supplier’s bank account details.
The fraudsters managed to divert a payment of £4,000 before the fraud was discovered.
The matter was reported to the relevant police force, and an individual identified.
Police obtained a search warrant for their property.
The council organised a fraud awareness session with Police Scotland in May for officers who are involved in banking and payment systems.
A Highland Council spokeswoman said the council could not comment on police matters.
Councillors on the Audit & Scrutiny committee will discuss the situation at their meeting on Thursday.
Meanwhile the website Investec.com issued a warning about this type of scam earlier this year.
They said once into your email account, fraudsters “troll and monitor the account for an opportunity to intercept an invoice.
“For example, when you are purchasing goods and awaiting an invoice on email, or if your business is sending an invoice by email.
“The scammers intercept an email, change the bank details on the invoice and send it on for payment.
“ The recipient pays the invoice thinking it comes from a legitimate source, when in fact the money is paid into the scammer’s account.
“This type of fraud can lead to strained business relationships as neither party feels that they are responsible for the fraud. It can also lead to a loss of funds and may take a long time to sort out if there are legal implications.”