Businesses in Ireland involved in moving large amounts of money electronically have been advised to be extra vigilant following an apparent increase in online fraud and theft attempts. 

IT security experts say they are seeing a growth in the number of credible attempts by fraudsters to manipulate or trick people working in businesses to transfer large sums of money into the accounts of criminals.

In particular the number of so-called "spear phishing" attacks in recent months appears to have risen.

This involves fraudsters using targeted spoof emails to try to elicit confidential data and divert funds being sent from one person or organisation to another.

IT services and security company Prosalis says it is aware of a number of businesses that have been targeted in recent months by fraudsters trying to steal money from the companies' customers.

It is not entirely clear how the attacks are being prepared, but Prosalis says they typically seem to involve a combination of hacking, use of malware and social engineering.

Social engineering involves the fraudsters using information they have gleaned about a target from the internet, social media and other sources to manipulate them to give up confidential data.

In recent months, two unconnected firms of solicitors in Ireland have been separately targeted by fraudsters, who used spoof emails to try to con the firms or their clients into sending them money.

Peter Tunney, a solicitor in Tallaght, Dublin, and one of his clients were among those targeted.

The client was in the process of purchasing a property, and received an email which purported to come from Mr Tunney, asking him to transfer a five-figure sum into an account in the UK.

The client was slightly suspicious of the timing of the email, and so contacted Mr Tunney, who confirmed it was bogus, and so the money was never moved.

However, Mr Tunney told RTÉ News that on the face of it, the email looked extremely credible, which was very worrying.

Mr Tunney said his firm's IT provider subsequently confirmed his business system had not been breached.

Instead, it is suspected that his client's email had been hacked, and that the fraudster had observed his contacts with his solicitor, before engineering a spoof email address which looked very similar to that of Mr Tunney's.

Another recent attempt targeted a firm run by solicitor Flor McCarthy in Clonakilty in Cork.

An accounts manager at the firm received an email which seemed to come from Mr McCarthy, asking her to transfer a five-figure sum into an account.

By chance, when Mr McCarthy passed her desk half an hour later, the accounts manager asked him what the transfer was for, only to discover Mr McCarthy had not sent her any such email.

As a result, the money was also not transferred.

TJ Whelan of Prosalis says this type of spear-phishing attack, focused in particular on firms of solicitors, has been widespread in the US and UK in recent years.

In one case in London last year, £340,000 which was to be used to pay for a house was fraudulently diverted by criminals to their account, after they intercepted an email between a solicitor and their client.

However, such attacks have not been particularly common in Ireland.

According to Mr Whelan, the problem raises many questions around protocols individual companies use when requesting financial transactions via email.

It also raises questions about who is ultimately responsible if money is transferred to a fraudster.

Mr Whelan said in order to guard against such attacks, businesses should ensure their email system is up to date and secure, and use two-factor authentication where possible.

They should also be on the lookout for unusual activity around transactions, have a protocol in place for moving money, and confirm any requests to transfer funds by phone before completing them.