Australian Federal Police (AFP) have arrested four members of a cyber criminal syndicate who laundered $1.7 million stolen from at least 15 victims between January 2020 and March 2023.

The AFP investigation that led to the dismantling of the group began in October 2021, when an Indonesian company said it lost $100,000 following a business email compromised (BEC) attack carried out by the arrested individuals.

Eventually, two men and two women aged between 26 and 35 were arrested in Brisbane, Melbourne and Adelaide. AFP has also broadcast video footage arrests.

The investigation revealed that the syndicate was responsible for numerous cybercrime operations, including BEC attacks, scams targeting Facebook Marketplace users, fraudulent pension investments, and more.

Losses to the victims range between $2,500 and $500,000, which the syndicate laundered using a vast network of 180 bank accounts, many of which were opened in South African banks using stolen identities.

“About $1.1 million was allegedly laundered into bank accounts in South Africa, where the group worked with associates who obtained legitimate identity documents and altered photographs and birth dates so that members of the Australian union can use them”, explains to AFP.

“The majority of the documents belonged to victims residing in South Africa, some of whom were Australian citizens.”

Those arrested are charged with money laundering, producing or processing false travel documents, dishonestly obtaining personal financial information and trafficking in the proceeds of crime.

For two arrested crime operatives, the maximum sentence is ten years in prison, while the other two charged with multiple counts for additional violations face a maximum sentence of 20 years in prison.

Business email compromise attacks are a growing problem in Australia. AFP reports that in 2022, businesses nationwide lost more than $98,000,000, with the average loss per reported incident being $64,000.

Faced with the increase in cyber threats, AFP urges businesses and individuals to be extra careful when carrying out online transactions.

AFP Cybercrime Operations Commander Chris Goldsmid stresses the importance of learning about the latest scams and verifying transaction details to avoid falling victim to such crimes.