The Australian Federal Police has claimed some success in thwarting in-progress business email compromise (BEC) scams, in cases where the incident is disclosed inside the first 24 hours.
Cybercrime operations commander Chris Goldsmid said yesterday that $45 million over three years was able to be intercepted and returned to Australian businesses.
“The common denominator for successful and partial recovery of funds was that victims contacted ReportCyber and their financial institutions as soon as they realised they had fallen victim to cyber criminals – usually within 24 hours,” Goldsmid said in a statement.
“Early engagement is key so law enforcement can investigate while also coordinating with those remediating affected systems.
“For business, we need them to have the muscle memory to call law enforcement immediately to ensure we get the evidence we need to identify those responsible for the cyber attack, disrupt the threat actors and protect their customers or those whose data is compromised.
“This will make it much easier as we work with financial institutions to make it harder for criminals to transfer money out of Australia when it has been obtained from cybercrime including, scams, ransomware and business email compromise.”
The AFP said it had leveraged “strong relationships with overseas law enforcement agencies and banks” to intercept monies.
The big four banks have seconded members to AFP’s Joint Policing Cybercrime Coordination Centre -JPC3, and are also part of Operation Helix, targeting “the biggest sources of harm across the financial sector through cyber-enabled fraud”.
The most commonly seen BEC scams are invoices sent to businesses with altered payment details.