A man and woman will face court next month after being charged over alleged email scams netting more than $70,000, NSW Police say.
Detectives from the State Crime Command’s Cybercrime Squad established Strike Force Cabernet to investigate organised criminal groups committing large scale business email compromises.
Earlier this year, strike force investigators received two referrals from Australian Cybercrime Online Reporting Network (ACORN) relating to fraudulent emails from company directors requesting payment of invoices or other fees.
The first report stated the company’s finance department received an email from a person purporting to be the company’s Managing Director requesting payment of an invoice for more than $50,000, which was subsequently paid.
Police will allege the account was accessed twice, with a total of $10,000 withdrawn, before it was frozen by the financial institution.
Following extensive inquiries, strike force investigators arrested a 29-year-old man at Newtown on Thursday 21 June 2018.
He was taken to Newtown Police Station and charged with two counts of recklessly deal with the proceeds of crime.
The Bankstown man was granted strict conditional bail and is due to appear at Bankstown Local Court on Tuesday 10 July 2018.
The second report stated an employee received an email from a person purporting to be the company’s Director requesting a payment of more than $14,000 for professional fees, which was subsequently paid.
Police will allege the account was accessed the following day, with a total of $14,000 withdrawn and transferred into an account at another financial institution.
Following extensive inquiries, strike force investigators arrested a 29-year-old woman at Muswellbrook on Monday (25 June 2018).
She was taken to Muswellbrook Police Station and charged with recklessly deal with the proceeds of crime.
The Armidale woman was granted strict conditional bail and is due to appear at Armidale Local Court on Monday 16 July 2018.
Investigations under Strike Force Cabernet are ongoing.
Cybercrime Squad Commander, Detective Acting Superintendent Matt Craft, urged the business community to be vigilant, as business email compromises are becoming more prevalent.
"Business email compromise scams generally target companies who pay accounts electronically, which is common practice with modern electronic accounting systems," Det A/Supt Craft said.
"While there are many variables, generally, the perpetrators will ‘spoof’ or compromise corporate executive or employee email accounts and send email requests to an accounts payable employee for an electronic funds transfer.
"It is imperative for all businesses to develop systems to combat against business email compromises, which includes carefully scrutinizing email requests for the transfer of funds and the development of standard procedures for accounting staff to follow to protect against business email compromises.
"Staff should be suspicious about requests to change account details or complete electronic transfers and take the time to verify the authenticity of the email, whether it be via phone or a fresh email."
Det A/Supt Craft urged businesses to review internal practices as prevention is key to protection.
"The most important part of prevention is education, and we recommend all businesses speak to their staff about the possibility and prevalence of email compromise," Det A/Supt Craft said.
"While the Cybercrime Squad is well equipped and capable of investigating these types of offences, prevention is always better than prosecution.
"The cybercrime squad will continue to target those people who engage in this conduct and benefit from the proceeds.
"We encourage anyone – corporate or personal – who have been a victim of email compromise to report it to police," Det A/Supt Craft said.
Reports of online fraud can be made to the Police Assistance Line on 131 444.
Police are urging anyone with information in relation to organised fraudulent activity, email/online scams, or other cybercrimes to call Crime Stoppers.
