A Sydney man has been charged with allegedly dealing with $3.5 million in proceeds of crime after a corporate email was fraudulently used to deceive the Northern Territory Government.
The Lurnea man (pictured), 38, appeared before Liverpool Local Court on Thursday where he was granted conditional bail to appear before Campbelltown Local Court on 17 September.
An AFP investigations began in November last year after a bank reported an alleged business email compromise (BEC) incident, which resulted in $3.5 million being stolen from a government agency.
The majority of the funds were later recovered, however it will be alleged the man did access some of the money, the AFP said in a statement.
“On 7 November, 2024, the agency had received an email from an individual who they believed to be a contractor from a construction company they were engaged with,” Police said.
“The sender allegedly provided a completed vendor identification form with updated bank details and appeared to carbon-copy email addresses of other individuals from the construction company.”
The AFP will allege the man registered a business to closely resemble the legitimate contractor for the government agency and opened a bank account to receive the fraudulently obtained funds.
The government agency then paid $3,583,363 to the fraudulent bank account believing it was linked to the legitimate construction company.
The other email addresses, which purported to be employees of the construction company, were allegedly fraudulently created to make the scam appear legitimate, the AFP alleges.
Further inquiries into the phone number linked to the vendor identification form allegedly led police to the man.
Police will allege that on multiple occasions, the man withdrew cash from the bank account which contained the diverted funds.
The AFP executed a search warrant at the man’s home on 23 July. Items seized included electronic devices and documentation pertaining to the company incorporated by the accused.
He was charged with one count of dealing with proceeds of crime, money worth $1,000,000 or more, contrary to section 400.3(2) of the Criminal Code (Cth).
The maximum penalty for this offence is 12 years’ imprisonment.
AFP Detective Superintendent Marie Andersson said cybercriminals targeted businesses and individuals that made significant or regular payments.
“In the 2023-2024 financial year, business email compromise and fraud were among the most common self-reported cybercrimes for small, medium and large businesses and individuals in Australia*,” Det-Supt Andersson said.
“It is crucial to double check emails, particularly if there is a request for a change in banking details. Call the party you are engaged with to confirm the request is legitimate – and use a phone number that you’ve previously used or independently verified – don’t call a number in the suspicious email.
“If you have fallen victim, report it immediately to your bank and the police to give us the best chance of recovering your money.
“As a result of quick action and preventative measures undertaken by the bank involved, $3,571,760 of the allegedly stolen money was recovered.”
ANZ Head of Financial Crime Threat Management, Milan Gigovic, , emphasised the bank’s dedication to safeguarding both its customers and the broader financial system.
“Business email compromise (BEC) and impersonation fraud are rapidly evolving and sophisticated scams that exploit the trust between businesses, their partners, and customers,” Mr Gigovic said.
“In response to this growing threat, ANZ’s Financial Crime team is proactively collaborating with industry, government, and law enforcement agencies — including the Australian Federal Police’s JPC3 team — to detect and stop these scams before they cause harm.
“Together, we are strengthening our defences, preventing fraudulent payments and protecting Australian businesses.”
If you are a victim of cybercrime, report it to police using Report Cyber.
*Source: Australian Cyber Security Centre Annual Cyber Threat Report 2023-2024.
