In an increasing environment of sad stories, we’re pleased to share that a South Australian woman successfully recovered $777,000 stolen in a Business Email Compromise (BEC) scam. Her quick action in reporting the incident highlights the critical importance of promptly notifying authorities about cybercrimes.
As we kick off Cyber Security Awareness Month today, the AFP-led Joint Policing Cybercrime Coordination Centre (JPC3) aims to educate Australians on the common tactics used in BEC scams and how to safeguard themselves. Key measures include setting up multi-factor authentication (MFA) and carefully verifying email addresses.
In this particular case, cybercriminals deceived the victim by creating a fake email address that was almost identical to a legitimate business email. This trick led her to mistakenly send $813,000 to the scammers instead of to a legitimate conveyancer while purchasing a new home.
Thanks to the swift response from the JPC3, international law enforcement partners, and several financial institutions, the majority of the stolen funds—$777,000—were returned to the victim in March 2024, reflecting an impressive recovery rate of about 96%.
The incident unfolded in May 2023, when the woman alerted her bank and the police through ReportCyber just two days after the transfer. BEC scams, which involve tricking victims into transferring money to accounts controlled by criminals, are becoming increasingly sophisticated.
Under Operation DOLOS, a multi-agency taskforce, the JPC3 collaborated closely with various police forces and financial institutions to freeze the scammer’s account, successfully recovering $505,000 before it could be moved further. However, nearly $300,000 of the victim’s funds had already been converted into cryptocurrency through a fraudulent Digital Currency Exchange (DCE) account.
With help from international partners, including the Pakistani National Response Centre for Cyber Crime and global cryptocurrency exchange Binance, authorities managed to freeze the DCE account and recover $272,000 of the $300,000.
The investigation continues, targeting the criminal group behind this fraud.
Detective Acting Superintendent Darryl Parrish emphasized that BEC scams are growing more complex, with criminals either hacking legitimate email accounts or creating near-identical versions to mislead victims. “Cybercriminals often target individuals and businesses involved in significant transactions, like property purchases, aiming to redirect funds to their accounts,” he explained.
To protect themselves, businesses and individuals are encouraged to implement multi-factor authentication, which adds an extra layer of security to online accounts. Additionally, it’s crucial to double-check email addresses and banking details to avoid falling victim to such scams.
According to the Australian Cyber Security Centre, self-reported losses from BEC scams reached nearly $80 million during the past year, with each incident averaging over $39,000 in financial loss.
Detective Parrish noted the case illustrates the global nature of cybercrime and the importance of cooperation between domestic and international law enforcement to combat these threats. He urged everyone to take preventative steps to safeguard against these manipulative tactics.
If you suspect you’ve been targeted or have fallen victim to a scam, report it to your bank and the police as soon as possible at cyber.gov.au. Quick reporting is the best way to halt fraudulent transactions and recover lost funds. Your actions can also help protect others from similar scams by informing organizations like Scamwatch.
Source: https://afp.gov.au/news-centre/media-release/police-recover-777000-victims-funds-stolen-bec-scam
