The Sri Lanka Posts Department is facing heightened scrutiny after a US$ 625,000 international payment reportedly failed to reach the United States Postal Service, raising concerns over possible phishing interference and weaknesses in official financial transfer procedures. The incident has triggered an internal audit and a parallel criminal investigation into how a high-value government transaction may have been diverted or lost in transit.
Postmaster General R.P. Sathkumara confirmed that the department initiated the payment intended for settlement obligations with its US counterpart, but the funds were later reported as not received by the United States Postal Service. The discrepancy prompted urgent verification efforts between the two institutions, with both sides now attempting to reconcile records to determine where the transfer broke down.
Preliminary assessments suggest the transaction may have been compromised through phishing tactics, a method where attackers impersonate trusted entities to manipulate financial instructions. In this case, officials say an email was received instructing a change in bank account details for the transfer. However, subsequent checks revealed the referenced account was inactive, intensifying suspicions of fraudulent manipulation.
Cybersecurity specialists note that such attacks increasingly target public institutions handling international payments. These schemes often rely on compromised email accounts or spoofed communications that closely mimic legitimate correspondence. Weak verification practices, delayed cross-checking with banks, and reliance on email instructions are commonly exploited vulnerabilities in government systems handling large transactions.
Investigators also discovered inconsistencies in the payment trail, including discrepancies between internal authorizations and external banking records. The department has since lodged a complaint with the Criminal Investigation Department (CID), which has begun examining digital communication logs, email headers, and banking transfer data to trace the origin and destination of the instruction changes.
Beyond the immediate case, the incident has raised broader concerns about the security of international remittance systems used by state agencies. Experts point out that cross-border payments typically move through correspondent banking networks, where delays in verification can create opportunities for interception or manipulation.
Sri Lanka has faced increasing exposure to cyber-enabled financial crimes in recent years, particularly targeting public-sector institutions undergoing digital transformation. Fraudulent emails impersonating foreign agencies, vendors, and financial intermediaries have become a growing risk, exposing gaps in institutional cybersecurity readiness.
Officials argue that stronger safeguards such as dual authorization protocols, encrypted communication channels, and real-time banking confirmations could significantly reduce the risk of similar incidents. They also highlight the need for stricter separation of duties in financial approvals and enhanced training for staff handling international transfers.
Authorities have not yet confirmed whether the missing funds can be recovered, as phishing-related cross-border transfers are often difficult to reverse once processed through intermediary banks.
By a Special Correspondent