The AFP Joint Policing Cybercrime Coordination Centre (JPC3) has charged a Melbourne man for allegedly laundering more than $176,000 stolen from Australian businesses targeted by cyber criminals.
AFP Operation Dolos-EMMA8 began in August 2022 after an Australian bank alerted the AFP about unusual financial transactions.
The investigation allegedly identified that from June 2021 to May 2022 the man, now 23, received $176,192 in funds suspected of being the criminal proceeds of business email compromise (BEC) frauds. He allegedly dispersed the funds among a number of accounts, before transferring the money to another individual.
It is alleged that one of the deposits related to proceeds of crime derived from a BEC attack on an Australian construction company.
The company allegedly lost more than $17,000 after receiving a fraudulent email from a furniture supplier claiming their bank details had changed. They subsequently paid the funds into a bank account that was allegedly in the man’s name.
The AFP will allege the man acted as a money mule, facilitating the movement of funds obtained through BEC fraud and other cyber-enabled crime in Australia.
The AFP executed a search warrant at his Footscray home in November 2022, seizing a number of electronic devices and small amounts of illicit drugs.
Examination of the evidence seized from the search warrant led to the man’s arrest on 13 July, 2023.
The man appeared briefly in Melbourne Magistrates Court on 13 July, 2023. He is next due to appear in court on 5 October charged with:
- One count of dealing with the proceeds of crime, money or property worth $100,000 or more, contrary to section 400.4(2B) of the Criminal Code 1995 (Cth);
- One count of possessing a drug of dependence, namely cocaine, contrary to section 73(1)(b) of the Drugs, Poisons and Controlled Substances Act 1981 (Vic); and
- One count of possessing a drug of dependence, namely cannabis, contrary to section 73 (1)(a) of the Drugs, Poisons and Controlled Substances Act 1981 (Vic).
The maximum penalty for the proceeds of crime charge is 10 years’ imprisonment, while the drug charges carry a maximum penalty of 12 months’ imprisonment.
The AFP established multiagency taskforce Operation Dolos in January 2020 to target the growing threat of business email compromise.
It comprises the JPC3, State and Territory police, Australian Criminal Intelligence Commission, Australia Cyber Security Centre, AUSTRAC and the financial sector.
Operation Dolos has already prevented more than $45 million from being lost to cybercriminals conducting BEC.
AFP Senior Constable Khali Sherer said anyone could be a victim of business email compromise, with cyber-criminals using sophisticated techniques to trick their targets.
“Business email compromise has become a particularly prominent cyber threat, which is why the AFP, through Operation Dolos, remains focused on protecting Australians who are being targeted in these attacks,” Senior Constable Sherer said.
“In 2021-2022, Australians reported losses of more than $98 million to business email compromise attacks, with an average loss of $64,000 per reported incident.*
“If you think an email is suspicious, make further enquiries. Call and check directly with the business or organisation you are dealing with. It is reasonable to ask questions to protect yourself or your company.”
If you believe you have fallen victim to cybercrime, you should immediately report to police using ReportCyber at cyber.gov.au.
If you are concerned that your identity has been compromised, contact the national identity and cyber support service IDCARE at www.idcare.org.
*Australian Cyber Security Centre Annual Cyber Threat Report 2021-2022.
