Four members of an alleged cyber criminal syndicate accused of money laundering $1.7 million in stolen cash from Australian and overseas victims have been charged in Brisbane, Adelaide and Melbourne.
The AFP alleges the syndicate orchestrated more than 15 sophisticated cybercrime incidents between January, 2020, and March, 2023, and set up more than 80 bank accounts with stolen identities to help transfer the money out of Australia.
The AFP began the investigation in October, 2021, after an Indonesian business lost more than $100,000 in a business email compromise (BEC) attack.
AFP investigators identified two Brisbane women, a Melbourne man and an Adelaide man whom allegedly laundered the proceeds from the cyber fraud and were operating as a cybercrime syndicate with links to South Africa.
AFP investigators yesterday (23 March, 2023) executed five search warrants across Queensland, Victoria and South Australia.
In Brisbane, warrants were executed in Sherwood, Richlands and Durack. A woman, 35, was arrested in Durack while another woman, 27, was arrested in Sherwood.
In Melbourne, warrants were executed in Manor Lakes and Wyndham Vale. A man, 26, was arrested at Wyndham Vale.
A man, 30, was arrested in the Adelaide suburb of Croydon Park.
Investigators seized fake passports, international driver licences and luxury handbags. They also seized digital devices that will be subject to further forensic examination
The Sherwood woman was charged with:
- Six counts of possessing a false document, contrary to section 138(3) of the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (Cth); and
- Six counts of possessing a false foreign travel document contrary to Section 22 of the Foreign Passports (Law Enforcement and Security) Act 2005.
The charges carry a maximum penalty of 10 years' imprisonment. She is scheduled to face Brisbane Magistrates Court today (Friday 24, March)
A Durack woman, 35, was charged with:
- Three counts of possessing a false document, contrary to section 138 of the Anti Money Laundering and Counter-Terrorism Financing Act 2006 (Cth);
- One count of dishonestly obtaining or dealing in personal financial information, contrary to section 480.4 of the Criminal Code Act 1995 (Cth);
- Two counts of dealing in proceeds of crime worth $100,000 or more, contrary to section 400.4 of the Criminal Code Act 1995 (Cth); and
- Five counts of producing a false document, contrary to section 137 of the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (Cth).
The charges carry a maximum penalty of 20 years imprisonment. She is scheduled to face Brisbane Magistrates Court today.
The Croydon Park man, 30, was charged with:
- Two counts of producing a false document, contrary to section 137 of the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (Cth); and
- One count of dealing in proceeds of crime worth $100,000 or more, contrary to section 400.4 of the Criminal Code Act 1995 (Cth).
The charges carry a maximum penalty of 20 years imprisonment. He was granted bail is scheduled to next appear in Adelaide Magistrates Court on 9 June, 2023.
The Wyndham Vale man, 26, was charged with:
- One count of possessing a false document, contrary to section 138 of the Anti Money Laundering and Counter-Terrorism Financing Act 2006 (Cth); and
- One count of possessing a false foreign travel document contrary to Section 22 of the Foreign Passports (Law Enforcement and Security) Act
The charges carry a maximum penalty of 10 years imprisonment. He was granted bail and is next scheduled to face Melbourne Magistrates' Court on 15, June, 2023.
The syndicate allegedly undertook a range of cybercrime tactics, including BEC attacks, scams targeting users of Facebook Marketplace and fraudulent superannuation investments. Individual losses ranged from $2500 to nearly $500,000.
The four individuals allegedly operate about 180 bank accounts to facilitate thefts from their victims and then transfer and launder their profits.
About $1.1 million was allegedly laundered to bank accounts in South Africa, where the group was working with associates who sourced legitimate identity documents and altered the photographs and birth dates so Australian syndicate members could use them. The majority of documents belonged to victims residing in South Africa, some of whom were Australian citizens.
AFP Commander Cybercrime Operations Chris Goldsmid said cybercrimes were increasing at an alarming rate, and the techniques scammers were using to trick their victims had become increasingly cunning.
"Business email compromise has become a particularly prominent cyber threat, which is why the AFP, through Operation Dolos, remains focussed on protecting Australians who are being targeted in these attacks," Commander Goldsmid said.
"Australians reported losses of more than $98 million to business email compromise attacks in the past year alone, with an average loss of $64,000 per reported incident.
"As a result of this investigation, and with the assistance of several financial institutions, the AFP was able to identify nearly 80 fraudulent accounts being used by the syndicate and begin to shut them down.
"Now, more than ever, we need individuals and business to remain hyper vigilant when conducting online transactions.
"Educate yourself on the latest scams and take the time to triple check the details of your transactions - not doing so could cost you your life savings."
If you believe you have fallen victim to cybercrime, you should immediately contact ReportCyber at www.report.cyber.gov.au.
If you are concerned that your identity has been compromised, contact the national identity and cyber support service IDCARE at www.idcare.org.
