DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Police recover over USD 40 million from international email scam

Posted on August 6, 2024 by Dissent

Singapore authorities make record recovery thanks to cooperation with Timor Leste through INTERPOL

LYON, France: A global stop-payment mechanism developed by INTERPOL has helped Singapore authorities make their largest ever recovery of funds defrauded in a business email compromise scam.

On 23 July 2024, a commodity firm based in Singapore filed a police report stating that they had fallen victim to a business email compromise scam, in which a scammer obtains access to or impersonates a business email account to deceive employees into transferring money to their bank account.

On 15 July, the firm had received an email from a supplier requesting that a pending payment be sent to a new bank account based in Timor Leste. The email, however, came from a fraudulent account spelled slightly different to the supplier’s official email address.

Unaware, the firm transferred USD 42.3 million to the fake supplier on 19 July, only discovering the crime four days later when the genuine supplier said it had not been paid.

On receipt of the police report, the Singapore Police Force (SPF) swiftly requested assistance from authorities in Timor Leste through INTERPOL’s Global Rapid Intervention of Payments (I-GRIP) mechanism.

I-GRIP uses the global police organization’s 196-country police network to speed up requests for assistance in financial crime cases.

On 25 July, the SPF’s Anti-Scam Centre received confirmation that USD 39 million was detected and withheld from the fake supplier’s bank account in Timor Leste.

Moreover, Timor Leste authorities arrested a total of seven suspects in relation to the scam through follow-up investigations, leading to the further recovery of more than USD 2 million. Steps are being taken for the return of the stolen funds to the victim in Singapore.

Isaac Oginni, Director of INTERPOL’s Financial Crime and Anti-Corruption Centre (IFCACC), said:

“Speed is crucial to successfully intercepting the proceeds of online scams, with police, financial intelligence units and banks cooperating across multiple jurisdictions in a race against time.

“The cooperation between authorities in Singapore and Timor Leste in this case was exemplary and demonstrates how quick action through INTERPOL can help recover funds taken from the fraud victims and identify the perpetrators.”

Global threat

David Chew, Director of the SPF’s Commercial Affairs Department, said:

“Scams are a global threat that requires a global response from law enforcement. Today, money moves at the click of a button, and law enforcement must be able to move as fast to protect our citizens. We commend the swift and decisive action of INTERPOL’s Financial Crime and Anti-Corruption Centre, which played a pivotal role in the prompt interception of more than USD 40 million.”

Since its launch in 2022, INTERPOL’s I-GRIP mechanism has helped law enforcement intercept hundreds of millions of dollars in illicit funds.

During its pilot phase, I-GRIP was pivotal in helping several countries recover funds transferred to fraudsters in the early years of the COVID-19 pandemic, including the interception of USD 3.4 million transferred from an Italian company in September 2020 for non-existent medical equipment in Indonesia.

In a 2024 INTERPOL operation, police used I-GRIP to intercept USD 331,000 in a business email compromise fraud involving a Spanish victim who transferred money to Hong Kong, China.

INTERPOL is encouraging businesses and individuals to take preventative steps to avoid falling victim to business email compromise and other social engineering scams. For more information and resources, visit our website: https://www.interpol.int/Crimes/Financial-crime

Timeline of a scam

15 July

Singapore firm receives scam email from fake supplier

19 July

Firm transfers USD 42.3 million to the fake supplier via a bank account in Timor Leste

23 July

Firm discovers the fraud after genuine supplier reports not being paid and files police report in Singapore; Singapore Police Force reaches out to INTERPOL

24 July

Singapore receives confirmation via INTERPOL that more than USD 39 million was intercepted thanks to cooperation with Timor Leste authorities

24-26 July

Timor Leste authorities arrest several suspects and recovers additional USD 2 million

Source: Interpol

Related posts:

  • Protect Good Faith Security Research Globally in Proposed UN Cybercrime Treaty
  • Cyber-enabled financial crime: USD 130 million intercepted in global INTERPOL police operation
  • INTERPOL-led operation takes down prolific cybercrime ring
  • USD 300 million seized and 3,500 suspects arrested in international financial crime operation
Category: Non-U.S.Of Note

Post navigation

← Six U.S. hospital breach reports from July; some have flown under the media radar (1)
UK: Provisional decision to impose £6m fine on software provider Advanced following 2022 ransomware attack →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Breaches have consequences (sometimes)
  • Kansas City Man Pleads Guilty for Hacking a Non-Profit
  • British national “IntelBroker” charged with causing $25 million in damages; U.S. seeks his extradition from France
  • France issues press statement about arrest of ShinyHunters members
  • Patients Allege Home Delivery Pharmacy Failed to Timely Notify Them of Data Breach
  • Hackers breach Norwegian dam, open valve at full capacity
  • Patient death at London hospital linked to cyber attack on NHS
  • ShinyHunters and team members arrested in France (2)
  • Texas Enacts Liability Shield From Punitive Damages for Certain Small Businesses That Adopt Cybersecurity Programs
  • Dublin ETB fined €125,000 for data protection breaches

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • How Internet of Things devices affect your privacy – even when they’re not yours
  • Sky Views Personal Data as a Potential Weapon in IPTV Piracy War
  • Florida Used a Nationwide Surveillance Camera Network 250 Times To Aid in Immigration Arrests
  • Federal Court Strikes Down HIPAA Reproductive Health Care Privacy Rule
  • The Markup caught 4 more states sharing personal health data with Big Tech
  • Privacy in the Big Sky State: Montana’s Consumer Privacy Law Gets Amended
  • UK Passes Data Use and Access Regulation Bill

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.