An Irish man has been questioned by gardaí as part of an international investigation into what is described as a sophisticated €15m Covid-19 scam.
The investigation was launched when German health authorities made an upfront payment online of €1.5m for face masks, only to discover the website advertising the personal protective equipment (PPE) was being operated by scammers.
The worldwide shortage of PPE has led to an increased demand online for the items - and increased opportunities for scammers.
One of the largest scams uncovered to date is being investigated by Interpol and the Garda National Economic Crime Bureau here. The case involves a €14.7m fraud in the supply of anti-virus face masks.
The scam was uncovered when German health authorities tried to purchase face masks online from a website that appeared to be linked to a legitimate company in Spain.
Unbeknownst to the buyers, the site had been cloned by scammers.
Chief Superintendent Pat Lordan of the Garda National Economic Crime Bureau said: "The purchaser went onto a website…which he thought was a genuine website of a genuine company in Spain, but he wasn't on that website at all.
"He was on a fictitious cloned website, which was not real. So, despite the fact that he thought he was purchasing €14.7m worth of face masks, they did not exist on this website, he was never going to get not even one mask."
Pretending to be the legitimate company in Spain, the scammers said they could not deliver the masks but as a consolation, they referred the buyers to a 'trusted' dealer in Ireland.
The Irish middleman promised to put them in touch with a different supplier, this time in the Netherlands.
An agreement for an initial delivery of 1.5 million masks was made, in exchange for an up-front payment of €1.5m.
The buyers initiated a bank transfer to Ireland. Just before the delivery date, the German health authorities were informed that the funds had not been received and that an emergency transfer of €880,000 straight to the Dutch supplier was required to secure the merchandise.
The Germans sent the wire transfer but the masks never arrived.
It turns out the Dutch company existed but its website had also been cloned.
Interpol contacted the Garda National Central Bureau in Dublin as well as the Irish bank where the upfront payment was made. The €1.5m in the account is currently frozen.
A 48-year-old Irish national from the west of Ireland was interviewed by detectives, with assistance from gardaí in Co Roscommon, in relation to the suspected money laundering of €1.5m.
The offence carries a maximum term of 14 years imprisonment after conviction on indictment.
Documents and electronic devices were obtained and are currently being forensically examined.
Chief Supt Lordan said: "We have identified a bank account in Ireland where €1.5m came into from abroad. Working with the financial institutions here in Ireland, the money has been frozen, and the money will be returned.
"We are current working to establish why did this money come into the account, where it came from and what that person knew about the whole scam that was going on."
The Dutch Fiscal Information and Investigation Service tracked down the €880,000 which had been transferred from the German company.
Nearly €500,000 of those funds had already been sent to the UK, all of which was destined for an account in Nigeria.
Europol contacted the UK bank which was able to recall the full amount. Those funds have now been returned to the Netherlands and frozen by authorities.
"This operation commenced a number of weeks ago," said Chief Supt Lordan.
"We are working with police forces in Germany, in Holland and Spain… a number of people were arrested in Holland during the week and further arrests will be anticipated."
Speaking on RTÉ's Today with Sean O'Rourke, Chief Supt Lordan said every issue in the public domain provides a new opportunity for criminals.
He said Covid-19 provides that perfect opportunity because we are all spending more time online and that more and more fake websites are being set up and cautioned consumers not to enter websites via a link.