In a stark reminder of the growing threat of Business Email Compromise (BEC) scams, police have recovered $777,000 stolen from a South Australian woman, thanks to her swift action in reporting the crime.
The recovery highlights the importance of quick reporting to authorities to combat cybercrime, particularly during Cyber Security Awareness Month, which begins today, 1 October 2024.
The case, brought to light by the AFP-led Joint Policing Cybercrime Coordination Centre (JPC3), underscores how Australians commonly fall victim to BEC scams and provides advice on prevention, such as enabling multi-factor authentication (MFA) and carefully verifying email addresses.
In this incident, cybercriminals created an email address with a single-letter variation of a legitimate business email, deceiving the woman into sending $813,000 to a fraudulent account during a property transaction. Fortunately, the victim reported the scam to her bank and police just two days after transferring the funds in May 2023, using the ReportCyber platform at cyber.gov.au.
Following a thorough investigation involving multiple financial institutions and international law enforcement agencies, the JPC3 was able to recover $777,000, or 96 per cent of the stolen funds, by March 2024.
BEC scams, a sophisticated form of fraud, involve cybercriminals manipulating financial transactions by either hacking into or creating nearly identical email addresses to intercept large sums of money. In this case, the criminals targeted the woman while she was purchasing a new home, altering banking details so that the funds were transferred to a fraudulent account.
Under Operation DOLOS, a multiagency taskforce, police successfully froze the scammer’s account and retrieved $505,000 before the money could be moved further. The remaining $272,000 was tracked to a fraudulent Digital Currency Exchange (DCE) account, converted into cryptocurrency, and sent abroad. Collaboration with the Pakistani National Response Centre for Cyber Crime (NR3C) and cryptocurrency exchange Binance allowed authorities to freeze the DCE account and recover the funds.
Investigators suspect the fraudulent DCE account was opened by a Pakistani national, who acted as a money mule, enabling other criminals to launder illicit funds. The investigation into the criminal network remains ongoing.
AFP Detective Acting Superintendent Darryl Parrish emphasised the growing complexity of BEC scams, urging businesses and individuals to take preventive measures, particularly when making significant financial transactions.
“Cybercriminals often target property transactions and other large payments, diverting funds into fraudulent accounts. By setting up multi-factor authentication (MFA) and double-checking email addresses and banking details, businesses and individuals can better protect themselves,” Parrish said.
BEC scams continue to inflict heavy financial losses. According to the Australian Cyber Security Centre (ACSC), BEC scams cost Australians nearly $80 million in 2022-2023, with an average loss of $39,000 per incident.
While the recovered funds brought relief to the victim, Parrish acknowledged the emotional and financial toll the 12-month recovery process had on her. He stressed the importance of prompt action when dealing with cybercrime.
“This case is a reminder that recovering stolen funds can be complicated, and in some instances, it may not be possible. The best protection is prevention. If you suspect you’ve been scammed, report it to your bank and police immediately,” he advised.
Binance Investigations Specialist Robert Thomson highlighted the role of public blockchains in tracing stolen cryptocurrency, but warned that users must stay vigilant.
“While Binance works closely with law enforcement globally to assist victims of hacks or scams, users play the biggest role in protecting their assets. Strong security practices and staying informed are key to avoiding scams,” Thomson said.
Cyber Security Awareness Month aims to educate the public on the risks of cybercrime, with law enforcement and industry experts encouraging Australians to take proactive steps in safeguarding their digital assets. Reporting scams swiftly through ReportCyber and Scamwatch is essential for mitigating losses and helping authorities crack down on cybercriminal networks.
Support Our Journalism
Global Indian Diaspora and Australia’s multicultural communities need fair, non-hyphenated, and questioning journalism, packed with on-ground reporting. The Australia Today – with exceptional reporters, columnists, and editors – is doing just that. Sustaining this needs support from wonderful readers like you.
Whether you live in Australia, the United Kingdom, Canada, the United States of America, or India you can take a paid subscription by clicking Patreon and support honest and fearless journalism. LINK: https://tinyurl.com/TheAusToday
