According to INTERPOL, it created a “global stop-payment mechanism” that made it possible to retrieve the most amount of money ever stolen in a business email compromise (BEC) scam.
This event follows the mid-July 2024 BEC scam victimisation of an unidentified Singaporean commodities firm. It is a kind of cybercrime in which a malevolent actor sends emails pretending to be a reliable source in order to deceive victims into donating money or disclosing private company information.
Such assaults can occur in a variety of ways, such as by assuming the identity of a third-party vendor and sending a bogus bill or by breaking into the email account of a finance staff member or a law firm.
“On 15 July, the firm had received an email from a supplier requesting that a pending payment be sent to a new bank account based in Timor-Leste,” INTERPOL stated in a press release. “The email, however, came from a fraudulent account spelt slightly different to the supplier’s official email address.”
According to reports, the Singaporean company transferred $42.3 million to the non-existent supplier on July 19. However, it didn’t realise its mistake until July 23, when the legitimate supplier claimed it hadn’t received any payment.
However, police in Singapore were able to identify $39 million and freeze the counterfeit bank account a day later by utilising INTERPOL’s Global Rapid Intervention of Payments (I-GRIP) method.
In addition, $2 million has been recovered when seven suspects in the scheme were apprehended in the country of Southeast Asia.
As part of a global police operation known as First Light, back in June, I-GRIP was utilised to track and intercept the criminal earnings originating from fiat and cryptocurrency crime. Millions of dollars were recovered, and hundreds of thousands of BEC accounts were intercepted.
“Since its launch in 2022, INTERPOL’s I-GRIP mechanism has helped law enforcement intercept hundreds of millions of dollars in illicit funds,” claimed the organisation.
“INTERPOL is encouraging businesses and individuals to take preventative steps to avoid falling victim to business email compromise and other social engineering scams.”
The revelation comes after law enforcement seized Cryptonator, an online digital wallet and cryptocurrency exchange, for allegedly accepting illegal revenues from ransomware scams, identity theft schemes, and different fraud markets.
Roman Boss’ December 2013 launch of Cryptonator has also come under fire for allegedly not putting in place the necessary anti-money laundering safeguards. Boss was charged by the US Justice Department for creating and running the service.
TRM Labs, a blockchain intelligence company, reported that over 4 million transactions totalling $1.4 billion were made possible by the platform; Boss received a small percentage of each transaction. This included money exchanged with fraudulent wallet addresses, high-risk exchanges, ransomware organisations, mixers, sanctioned addresses, darknet markets, and crypto theft activities.
In particular, transactions were made between cryptocurrency addresses under Cryptonator’s control and darknet markets, virtual exchanges, and illicit marketplaces such as Bitzlato, Blender, Finiko, Garantex, Hydra, Nobitex, and an unidentified terrorist organisation.
“Hackers, darknet market operators, ransomware groups, sanctions evaders and others threat actors gravitated to the platform to exchange cryptocurrencies as well as cash out crypto into fiat currency,” observed TRM Labs.
Due to the growing popularity of cryptocurrencies, there are many potential for fraud, and over time, threat actors have been busy coming up with novel ways to empty victims’ wallets.
In fact, fraudsters are misusing reputable blockchain protocols like Uniswap and Safe.global to mask their illicit activity and steal money from cryptocurrency wallets, according to a recent Check Point investigation.
“Attackers leverage the Uniswap Multicall contract to orchestrate fund transfers from victims’ wallets to their own,” researchers reported. “Attackers have been known to use the Gnosis Safe contracts and framework, coaxing unsuspecting victims into signing off on fraudulent transactions.”