A global stop-payment mechanism developed by INTERPOL has enabled Singapore authorities to recover over USD 40 million from a business email compromise (BEC) scam, marking their largest-ever recovery of fraudulently obtained funds.
On 23 July 2024, a commodity firm based in Singapore reported falling victim to a BEC scam. The firm received an email on 15 July from what appeared to be a supplier, requesting that a pending payment be sent to a new bank account in Timor Leste. The email address slightly differed from the supplier’s official email, a detail the firm overlooked. Consequently, a few days later, the firm transferred USD 42.3 million to the fraudulent account, only realizing the error when the genuine supplier asked about the missing payment.
Swift Action and Recovery
Upon receiving the report, the Singapore Police Force (SPF) immediately sought assistance from Timor Leste authorities via INTERPOL’s Global Rapid Intervention of Payments (I-GRIP) mechanism. I-GRIP leverages INTERPOL’s 196-country police network to expedite requests in financial crime cases.
On July 25, the SPF’s Anti-Scam Centre confirmed that USD 39 million had been detected and withheld from the fake supplier’s bank account in Timor Leste. Follow-up investigations by Timor Leste authorities led to the arrest of seven suspects and the recovery of an additional USD 2 million. Efforts are underway to return the stolen funds to the Singapore firm.
Statements from Officials
Isaac Oginni, Director of INTERPOL’s Financial Crime and Anti-Corruption Centre (IFCACC), stressed the importance of rapid response: “Speed is crucial to successfully intercepting the proceeds of online scams, with police, financial intelligence units, and banks cooperating across multiple jurisdictions in a race against time. The cooperation between authorities in Singapore and Timor Leste, in this case, was exemplary and demonstrates how quick action through INTERPOL can help recover funds taken from the fraud victims and identify the perpetrators.”
“Scams are a global threat that requires a global response from law enforcement,” added David Chew, Director of the SPF’s Commercial Affairs Department. “Today, money moves at the click of a button, and law enforcement must be able to move as fast to protect our citizens. We commend the swift and decisive action of INTERPOL’s Financial Crime and Anti-Corruption Centre, which played a pivotal role in the prompt interception of more than USD 40 million.”
The Global Impact of I-GRIP
Since its launch in 2022, INTERPOL’s I-GRIP mechanism has been instrumental in intercepting hundreds of millions of dollars in illicit funds. During its pilot phase, I-GRIP helped several countries recover funds transferred to fraudsters, including the interception of USD 3.4 million from an Italian company for non-existent medical equipment in Indonesia in September 2020.
In a 2024 operation, police used I-GRIP to intercept USD 331,000 in a BEC fraud involving a Spanish victim and a Hong Kong bank account.
Preventative Measures
INTERPOL urges businesses and individuals to adopt preventative measures to avoid falling victim to BEC and other social engineering scams. For more information and resources, visit INTERPOL’s website.
Timeline of the Scam
- July 15: Singapore firm receives scam email from fake supplier.
- July 19: The firm transfers USD 42.3 million to the fake supplier’s bank account in Timor Leste.
- July 23: The firm discovers the fraud after the genuine supplier reports not being paid and files a police report in Singapore. SPF reaches out to INTERPOL.
- July 24: Singapore receives confirmation via INTERPOL that over USD 39 million was intercepted with the help of Timor Leste authorities.
- July 24-26: Timor Leste authorities arrest several suspects and recover an additional USD 2 million.
This case underscores the critical role of international cooperation and rapid response in combating financial crimes.
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.