Quick Action Recovers $777,000 Lost to BEC Scam

Quick Action Recovers $777,000 Lost to BEC Scam

An international police operation has helped a South Australian woman recover funds lost following a 2023 business email compromise scam.

The Australian Federal Police (AFP) has shared details of an investigation by its Joint Cybercrime Coordination Center (JPC3) that recovered nearly $800,000 lost in a mail compromise scam professional electronics (BEC).

The AFP shared details of the case today to highlight the dangers of BEC scams as part of Cybersecurity Awareness Month, which begins today, October 1.

In particular, the AFP said this shows the importance of a quick response when it comes to recovering money lost to a scam.

In this case, a South Australian woman received what appeared to be an email from a legitimate company; however, the email address was fake: a letter had been altered to create a fake email claiming to be from a conveyancing agent. The woman was tricked into sending $813,000 to the scammer in May 2023, thinking the money was intended to purchase a property.

When the woman realized she had been scammed, she reported the crime to her bank and to ReportCyber ​​two days later.

Following an investigation by JPC3 and local and state police, the scammer’s onshore account was identified and frozen. $505,000 of the woman’s money was taken before it could be sent overseas.

After identifying that nearly $300,000 had been sent through a fake digital exchange account, JPC3 worked with Pakistan’s National Cybercrime Response Center and cryptocurrency exchange Binance to freeze that account and recover 272 000 $.

In May 2024, authorities managed to recover 96% of the woman’s funds, and a Pakistani national was identified as a suspected mastermind. The investigation into the identity of the scammers is ongoing.

“Cybercriminals typically target businesses and individuals making large payments, such as property transactions, with the aim of diverting the victim’s funds to a fraudulent account,” said AFP Acting Detective Superintendent Darryl Parrish, in a press release.

“In many cases, cybercriminals access a company’s email account, change banking information, and send the new information to customers who unknowingly transfer funds to criminals.

“Businesses can prevent cybercriminals from accessing their online accounts by implementing multi-factor authentication (MFA) to add an extra layer of security, making it harder for criminals to gain access.

“In other cases, like this one, the criminal created a fake email address that looked like the legitimate business email address. It is crucial that people check their emails, especially their email addresses and banking details, to avoid falling victim to BEC scams.

Australians have reported $80 million in losses from BEC scams to the Australian Cyber ​​Security Center for the period between 2022 and 2023.

“This case is an important reminder to everyone that recovering funds is complex and, in some situations, impossible, which is why all Australians must take preventative measures to protect themselves from these manipulative cybercriminals,” said the Superintendent Parrish.


If you are a victim of cybercrime, report it to the police using Report Cyber.

If you or someone you know needs help, we encourage you to contact Lifeline on 13 11 14 or Beyond Blue on 1300 224 636, who provide 24/7 support services.

Amazon has conquered Christmas, but its reign may be coming to an end

Amazon has conquered Christmas, but its reign may be coming to an end

No one on Twitter is safe from Elon Musk

No one on Twitter is safe from Elon Musk

Leave a Reply

Your email address will not be published. Required fields are marked *