Friday, January 24, 2025
HomeCyber Security NewsAuthorities have Uncovered USD 40 Million from Hackers

Authorities have Uncovered USD 40 Million from Hackers

Published on

SIEM as a Service

Follow Us on Google News

Singapore authorities have successfully intercepted and reclaimed over USD 40 million defrauded in a sophisticated business email compromise (BEC) scam.

The operation, facilitated by INTERPOL’s Global Rapid Intervention of Payments (I-GRIP) mechanism, marks the largest-ever recovery of fraudulently obtained funds in Singapore’s history.

The Scam Unveiled

On 23 July 2024, a commodity firm based in Singapore reported falling victim to a BEC scam.

The scammer had impersonated a supplier, sending an email from a slightly altered email address and requesting a pending payment be sent to a new bank account in Timor Leste.

Unaware of the deception, the firm transferred USD 42.3 million on 19 July. The fraud was discovered four days later when the genuine supplier reported not receiving the payment.

Upon receiving the police report, the Singapore Police Force (SPF) immediately sought assistance from INTERPOL.

The I-GRIP mechanism utilizes INTERPOL’s 196-country network, and the SPF coordinated with Timor Leste authorities to intercept the fraudulent transaction.

How to Build a Security Framework With Limited Resources IT Security Team (PDF) - Free Guide

Swift Action and Arrests

On 25 July, the SPF’s Anti-Scam Centre confirmed the detection and withholding of USD 39 million from the fraudulent account in Timor Leste.

Further investigations led to the arrest of seven suspects and an additional USD 2 million recovery. Efforts are underway to return the stolen funds to the victimized firm in Singapore.

Isaac Oginni, Director of INTERPOL’s Financial Crime and Anti-Corruption Centre (IFCACC), emphasized the importance of rapid response in such cases.

“Speed is crucial to successfully intercepting the proceeds of online scams. The cooperation between authorities in Singapore and Timor Leste in this case was exemplary,” Oginni stated.

David Chew, Director of the SPF’s Commercial Affairs Department, highlighted the global nature of scams and the necessity for international cooperation.

“Scams are a global threat that requires an international response from law enforcement. We commend the swift and decisive action of INTERPOL’s Financial Crime and Anti-Corruption Centre,” Chew remarked.

Since its inception in 2022, INTERPOL’s I-GRIP mechanism has been instrumental in intercepting hundreds of millions of dollars in illicit funds.

Notable recoveries include USD 3.4 million from an Italian company in 2020 and USD 331,000 from a Spanish victim in 2024.

INTERPOL urges businesses and individuals to take preventative measures against BEC and other social engineering scams.

Timeline of a Scam

  • 15 July: Singapore firm receives scam email from fake supplier.
  • 19 July: Firm transfers USD 42.3 million to the fake supplier via a bank account in Timor Leste.
  • 23 July: Firm discovers the fraud and files a police report; SPF contacts INTERPOL.
  • 24 July: Confirmation of USD 39 million interception received.
  • 24-26 July: Timor Leste authorities arrest suspects and recover an additional USD 2 million.

This case underscores the critical role of international collaboration in combating financial crimes and protecting businesses from sophisticated scams.

Are you from SOC and DFIR Teams? – Analyse Malware Incidents & get live Access with ANY.RUN -> Free Access

Divya
Divya
Divya is a Senior Journalist at GBhackers covering Cyber Attacks, Threats, Breaches, Vulnerabilities and other happenings in the cyber world.

Latest articles

Subaru’s STARLINK Connected Car’s Vulnerability Let Attackers Gain Restricted Access

In a groundbreaking discovery on November 20, 2024, cybersecurity researchers Shubham Shah and a...

Android Kiosk Tablets Vulnerability Let Attackers Control AC & Lights

A security flaw found in Android-based kiosk tablets at luxury hotels has exposed a...

CISA Releases Six ICS Advisories Details Security Issues

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued six Industrial Control Systems (ICS)...

Juniper Routers Exploited via Magic Packet Vulnerability to Deploy Custom Backdoor

A sophisticated cyber campaign dubbed "J-magic" has been discovered targeting enterprise-grade Juniper routers with...

API Security Webinar

Free Webinar - DevSecOps Hacks

By embedding security into your CI/CD workflows, you can shift left, streamline your DevSecOps processes, and release secure applications faster—all while saving time and resources.

In this webinar, join Phani Deepak Akella ( VP of Marketing ) and Karthik Krishnamoorthy (CTO), Indusface as they explores best practices for integrating application security into your CI/CD workflows using tools like Jenkins and Jira.

Discussion points

Automate security scans as part of the CI/CD pipeline.
Get real-time, actionable insights into vulnerabilities.
Prioritize and track fixes directly in Jira, enhancing collaboration.
Reduce risks and costs by addressing vulnerabilities pre-production.

More like this

Android Kiosk Tablets Vulnerability Let Attackers Control AC & Lights

A security flaw found in Android-based kiosk tablets at luxury hotels has exposed a...

CISA Releases Six ICS Advisories Details Security Issues

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued six Industrial Control Systems (ICS)...

PayPal Fined $2 Million Fine For Violating Cybersecurity Regulations

The New York State Department of Financial Services (NYDFS) has imposed a $2 million...