Australian Federal Police (AFP) have charged four individuals with laundering $1.7 million in stolen cash from Australian and overseas victims.
The alleged cybercriminal syndicate is accused of orchestrating more than 15 sophisticated cybercrime incidents between January 2020 and March 2023.
This group set up more than 80 bank accounts with stolen identities to transfer money out of Australia.
The syndicate utilised various techniques of cybercrime, such as BEC attacks, scams directed at Facebook (NASDAQ:META) Marketplace users and deceitful superannuation investments, incurring damages between $2,500 and $500,000 per user.
Four members of an alleged cyber criminal syndicate accused of money laundering $1.7 million in stolen cash from Australian and overseas victims have been charged in Brisbane, Adelaide and Melbourne.https://t.co/o9f8FMJIOr— AFP (@AusFedPolice) March 24, 2023
Cybercrime increasing at alarming rates
AFP commander of cybercrime operations Chris Goldsmid said cybercrimes were increasing at an alarming rate and the techniques scammers were using to trick their victims had become increasingly cunning.
He added: “Business email compromise has become a particularly prominent cyber threat, which is why the AFP, through Operation Dolos, remains focussed on protecting Australians who are being targeted in these attacks,
“Australians reported losses of more than $98 million to business email compromise attacks in the past year alone, with an average loss of $64,000 per reported incident.
“As a result of this investigation and with the assistance of several financial institutions, the AFP was able to identify nearly 80 fraudulent accounts being used by the syndicate and begin to shut them down.
“Now, more than ever, we need individuals and businesses to remain hyper-vigilant when conducting online transactions.
“Educate yourself on the latest scams and take the time to triple-check the details of your transactions – not doing so could cost you your life savings.”
Investigation highlights
The investigation began in October 2021, after an Indonesian business lost more than $100,000 in a business email compromise (BEC) attack.
The syndicate reportedly operated around 180 bank accounts to facilitate thefts from their victims and then transferred and laundered the profits.
AFP alleges that $1.1 million was laundered to bank accounts in South Africa, where the group worked with associates who sourced legitimate identity documents and altered them for use in Australia.
The four individuals were charged in Brisbane, Adelaide and Melbourne, and authorities executed five search warrants across Queensland, Victoria and South Australia.
The group faces charges including producing a false document, possessing a false foreign travel document, dealing in proceeds of crime and dishonestly obtaining or dealing in personal financial information. The charges carry maximum penalties of up to 20 years imprisonment.