A Cork accountancy firm. A financial controller gets an email that looks exactly like it's from the managing partner — same name, similar email address, professional tone. It asks her to process an urgent bank transfer before close of business. She does. €18,500 lands in an account in Eastern Europe. The managing partner never sent the email.
This is not a story about a careless employee. The email was convincing. The urgency was convincing. The timing was convincing. It was a targeted phishing attack — and they are getting more sophisticated every year.
Small and medium businesses in Ireland are prime targets. Cybercriminals know that larger enterprises have dedicated IT security teams and strict procedures. Smaller businesses often don't. That's the gap they exploit.
The National Cyber Security Centre of Ireland (NCSC) received over 5,000 reports of cybercrime incidents in a single recent year. The majority involved phishing attacks on businesses, with SMEs accounting for a disproportionately large share of victims.
What Is a Phishing Attack?
Phishing is an attempt by a criminal to trick you into revealing sensitive information — passwords, banking details, login credentials — or into taking an action you shouldn't take, like transferring money or opening a malicious file. The name comes from "fishing": they cast out a convincing lure and wait for someone to bite.
Modern phishing attacks don't look like the poorly written scam emails of ten years ago. They're polished, targeted, and often look indistinguishable from legitimate communications — until you know what to look for.
The 3 Phishing Scams Hitting Irish Businesses Right Now
The CEO / Director Impersonation (Business Email Compromise)
This is the scam described above. A criminal researches your business — using LinkedIn, your website, social media — to find out who the boss is and who handles payments. They then send an email impersonating the director, asking for an urgent payment to a supplier or a confidential bank transfer.
The email may come from a slightly altered address (e.g., director@yourcompany-ie.com instead of director@yourcompany.ie) or, in more sophisticated versions, from a compromised email account that looks completely legitimate.
The urgency is always part of the script: "I'm in a meeting, can you sort this quickly?" creates pressure to act without thinking.
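The slightly altered address described above can be caught mechanically. The following is an added example, not part of the original article: it compares the From header of an incoming email against the domains you really use and flags near-miss spellings and borrowed display names. The trusted domain, the protected name and the result labels are assumptions made for illustration.

```python
from email.utils import parseaddr

# Assumptions for this example (constructed values): your real sending
# domain and the people whose names carry payment authority.
TRUSTED_DOMAINS = {"yourcompany.ie"}
PROTECTED_NAMES = {"aoife byrne"}

def squash(domain):
    """Keep only letters and digits so 'yourcompany-ie.com' and 'yourcompany.ie' compare."""
    return "".join(ch for ch in domain.lower() if ch.isalnum())

def edit_distance(a, b):
    """Levenshtein distance: single-character edits needed to turn a into b."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def classify_sender(from_header):
    """Return 'trusted', 'lookalike-domain', 'name-impersonation' or 'external'."""
    name, addr = parseaddr(from_header)
    domain = addr.rpartition("@")[2].lower()
    if domain in TRUSTED_DOMAINS:
        return "trusted"
    for good in TRUSTED_DOMAINS:
        g, d = squash(good), squash(domain)
        # Near-miss spelling, or the real name embedded in a longer domain.
        if g in d or edit_distance(g, d) <= 2:
            return "lookalike-domain"
    # A familiar name on an unrelated address is the other common disguise.
    if name.strip().lower() in PROTECTED_NAMES:
        return "name-impersonation"
    return "external"

if __name__ == "__main__":
    print(classify_sender("Aoife Byrne <director@yourcompany-ie.com>"))
```

A "trusted" result only means the domain is spelled correctly. Mail sent from a compromised account will still pass this check, which is why payment requests also need phone verification.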
The Fake Invoice / Supplier Payment Redirect
This one is particularly brutal for businesses that deal with multiple suppliers. A criminal intercepts or monitors email communications — often by compromising one party's email account — and watches for invoice exchanges. At the right moment, they send a convincing follow-up email claiming the supplier's bank details have changed, and providing new account details.
The business pays the invoice to the "new" account — which belongs to the criminal. The legitimate supplier eventually chases the unpaid invoice. By then, the money is gone.
This type of attack, known as Invoice Fraud or Mandate Fraud, is one of the most financially damaging forms of cybercrime affecting Irish SMEs. It's also one of the hardest to recover from, because the payment was made deliberately — banks have limited liability.
The Microsoft / Google Login Page Fake
This one goes after your accounts rather than your money — though the outcome can be just as costly. You receive an email that looks like it's from Microsoft or Google, warning you that your account has been compromised, or that you need to verify your login details to avoid suspension.
The link in the email takes you to a page that looks exactly like the Microsoft or Google login page — same colours, same fonts, same logo. You enter your email and password. They're captured instantly. The criminals now have access to your email account, your documents, your contacts, and potentially your other accounts if you reuse passwords.
With access to your business email, they can launch the first two attacks described above against your clients and suppliers — using your actual account, making detection far harder.
The 6 Security Quick Wins Every Irish Business Should Do Today
You don't need an enterprise IT budget to significantly reduce your exposure to phishing attacks. These six steps address the most common attack vectors for small businesses in Ireland:
- Enable multi-factor authentication (MFA) on all email accounts. This means that even if a password is stolen, the attacker can't get in without a second verification step — usually a code on your phone. This single step blocks the vast majority of account takeover attacks.
- Train your team to verify before they pay or click. A five-minute conversation about phishing awareness is more valuable than most security software. Everyone who handles payments or has access to business email should know the signs.
- Set up SPF, DKIM, and DMARC on your email domain. These records make it much harder for criminals to send convincing phishing emails that appear to come from your domain — protecting your clients and suppliers as well as your business.
- Use a password manager and unique passwords. Reusing passwords across accounts means one breach can cascade into many. A password manager like Bitwarden (free) or 1Password generates and stores unique, strong passwords for every account.
- Keep your software and devices updated. Many cyberattacks exploit known vulnerabilities in outdated software. Enabling automatic updates removes this attack surface with zero ongoing effort.
- Have a clear payment verification procedure. Any change of bank details, or any payment request over a certain threshold, should require verbal confirmation by phone — using a number already on file, not one provided in the email.
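Publishing SPF and DMARC records is only half of the third step above, because a record set to "monitor only" still lets spoofed mail through. The following is an added example, not part of the original article: it audits the text of a domain's SPF and DMARC records and reports the weak settings. The sample records, the domain and the finding names are constructed for illustration, and DKIM is left out because its record lives under a selector name chosen by your mail provider.

```python
def parse_tags(record):
    """Split 'v=DMARC1; p=none; ...' into a dict of lower-cased tag names."""
    tags = {}
    for part in record.split(";"):
        key, sep, value = part.partition("=")
        if sep:
            tags[key.strip().lower()] = value.strip()
    return tags

def audit_spf(txt_records):
    """Findings for the TXT records published at the domain itself."""
    spf = [r for r in txt_records if r.lower().split()[:1] == ["v=spf1"]]
    if not spf:
        return ["spf-missing"]
    if len(spf) > 1:
        return ["spf-multiple-records"]      # receivers treat this as an error
    terms = spf[0].lower().split()[1:]
    all_terms = [t for t in terms if t.lstrip("+-~?") == "all"]
    if not all_terms:
        has_redirect = any(t.startswith("redirect=") for t in terms)
        return [] if has_redirect else ["spf-no-all"]
    qualifier = all_terms[0][:-3] or "+"     # a bare "all" means "+all"
    return {"+": ["spf-allows-any-sender"], "?": ["spf-neutral"],
            "~": ["spf-softfail-only"]}.get(qualifier, [])

def audit_dmarc(record):
    """Findings for the TXT record published at _dmarc.<your domain>."""
    if not record or not record.strip().lower().startswith("v=dmarc1"):
        return ["dmarc-missing"]
    tags = parse_tags(record)
    findings = []
    if tags.get("p", "").lower() not in ("quarantine", "reject"):
        findings.append("dmarc-not-enforced")        # p=none only monitors
    if tags.get("pct", "100") != "100":
        findings.append("dmarc-partial-pct")         # policy covers only some mail
    if "rua" not in tags:
        findings.append("dmarc-no-aggregate-reports")
    return findings

# Constructed sample records: a typical first-attempt setup and a hardened one.
WEAK_SPF = ["v=spf1 include:spf.mailprovider.example ~all"]
WEAK_DMARC = "v=DMARC1; p=none"
STRONG_SPF = ["v=spf1 include:spf.mailprovider.example -all"]
STRONG_DMARC = "v=DMARC1; p=reject; rua=mailto:dmarc@yourcompany.ie"

if __name__ == "__main__":
    print(audit_spf(WEAK_SPF) + audit_dmarc(WEAK_DMARC))
```

Paste in the records your DNS provider shows for your own domain. A softfail SPF record is acceptable once DMARC is enforcing quarantine or reject, so treat that finding as a prompt to check the DMARC result beside it.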
Want a quick security check for your business?
We can run through your current setup, identify the biggest vulnerabilities, and put the right protections in place. No jargon, no scare tactics — just practical fixes.
What to Do If You've Already Been Targeted
If you've clicked a suspicious link, entered credentials on an unfamiliar page, or received a phishing email that slipped through to your inbox, here's what to do immediately:
- Change your password immediately — and on any other account where you use the same password.
- Enable MFA on the affected account if it's not already active.
- Check for unauthorised access — look at your email's login history for unfamiliar locations or devices.
- Notify your bank if any financial information may have been compromised.
- Report it to the Garda National Cyber Crime Bureau (GNCCB) at cybercrime@garda.ie and to the National Cyber Security Centre at report@ncsc.gov.ie.
Acting quickly dramatically reduces the damage. The worst thing you can do is wait and hope nothing happens.
The Honest Bottom Line
Cybercriminals targeting Irish small businesses aren't particularly sophisticated. They use the same playbook repeatedly because it works. But the defences are not complicated either — they're mostly a matter of awareness, procedure, and a few technical settings that take an afternoon to put in place.
If you'd like a second set of eyes on your current setup — or if you want to make sure your team knows what to watch for — that's a conversation we're happy to have.