A Melbourne woman, 24, has been sentenced to jail for her central role in a major international criminal syndicate that stole millions of dollars from superannuation and share trading accounts using fraud and identity theft.
The stolen amount is estimated to be more than $3.3 million, with attempts to steal an additional $7.5 million and $2.5 million laundered through the purchase and selling of luxury goods in Hong Kong.
The woman was sentenced to five years and six months’ imprisonment with a non-parole period of four years.
The AFP and the ASIC, as part of the Serious Financial Crime Taskforce (SFCT), began investigating the syndicate in late 2018. On 30 April 2019, AFP and ASIC investigators executed search warrants at the then 21-year-old’s Derrimut residence after intercepting her at Melbourne Airport as she returned to Australia from Turkey.
An examination of her laptop computer and mobile phones identified the details and images of hundreds of stolen identification documents. Hard-copy documents used to facilitate the offending were also located and seized.
The investigation – codenamed Operation Birks – revealed the woman worked as part of an international criminal syndicate which used fraudulently obtained identities to commit large-scale and sophisticated cybercrimes.
Stolen identity information purchased from darknet marketplaces, together with single-use telephone SIM cards and fake email accounts, were used to achieve identity takeovers of unsuspecting victims.
False identities were created to mimic real individuals who unknowingly had their identities compromised and then used to open bank accounts at various Australian institutions. Investigators found at least 60 bank accounts created using these mimicked identities.
Once the false identities and accounts were established, the syndicate illegally accessed and stole money from the superannuation and share trading accounts of these victims.
The offender worked with others to create a cloned website that mimicked the legitimate website of a superannuation fund, using a domain name that was almost identical to the legitimate site.
Online advertisements were used to promote the cloned website to bring it the top of the search engine. The intention was to harvest members’ user names and passwords when they visited the cloned website (known as phishing). The stolen member information was used to gain unauthorised access to member accounts.
The syndicate withdrew the superannuation savings of victims and deposited them in the fraudulent bank accounts. The stolen funds were laundered by sending them to an overseas contact, who used the funds to purchase untraceable assets such as jewellery and luxury brand items in Hong Kong. These were then sold and the money remitted to the offender in Australia through cryptocurrencies.
AFP commander cybercrime operations Chris Goldsmid said this complex investigation revealed cybercrime occurring on multiple levels with devastating impacts for the victims.
“The consequences of these breaches are far-reaching and can be traced back to cybercrime offences that can impact everyday Australians,” he said.
“We saw identity theft - where innocent victims had their personal details stolen and sold online in darknet marketplaces - hacking and phishing.”
“This investigation shows the devastating impacts that identity compromise can have – some people have lost their life savings, or had their retirement plans irrevocably changed because of the callous greed shown by this syndicate.”
ATO deputy commissioner and SFCT chief John Ford said cyber-enabled crime was an ongoing priority for the taskforce and it was becoming more prevalent as criminals had access to rapidly evolving technology.
ASIC deputy chair Sarah Court said data breaches within the financial system were significant threats with consequences that could affect people’s savings for retirement.
You are not authorised to post comments.
Comments will undergo moderation before they get published.