- 26
- 1
Criminals exploited a public channel for communicating with Australian cyber police to defraud local citizens of digital assets.
According to the AFP, unknown individuals illegally intercepted personal data, such as email addresses and phone numbers, through the Joint Police and Cybercrime Coordination Centre (JPCCC) database.
This information allowed them to submit false requests in the victims' names through the national online crime reporting system, ReportCyber .
[td]Cybercrime reporting portal. Source: ReportCyber.[/td]According to the report, one of the victims received a call from a person claiming to be a police officer. The person claimed their name was on a list of crypto wallet data leaks and provided the official incident reference number for ReportCyber.
The victim verified the information on the website—it did indeed contain her email address, which the scammers had obtained in the leak.
The scammers then called back, claiming to be from the exchange's "support team," asking to transfer funds to a "safe wallet." At this point, the victim became suspicious and stopped communicating.
Similar methods, such as phone number spoofing, have been used in several other cases.
AFP Detective Superintendent Marie Anderson stated that the new scam created the "appearance of legitimacy."
[td]"Cybercriminals conduct a process of verifying the victim's personal information that may meet generally accepted expectations. Moreover, they quickly transition from messages to calls, creating a sense of urgency."[/td]According to her, the incident highlights the increasingly sophisticated and calculated methods scammers are using to abuse Australians' trust.
As a reminder, in September, a user lost 783 BTC in a social engineering attack. The attackers posed as representatives of a crypto exchange and hardware wallet support team.
According to the AFP, unknown individuals illegally intercepted personal data, such as email addresses and phone numbers, through the Joint Police and Cybercrime Coordination Centre (JPCCC) database.
This information allowed them to submit false requests in the victims' names through the national online crime reporting system, ReportCyber .
The victim verified the information on the website—it did indeed contain her email address, which the scammers had obtained in the leak.
The scammers then called back, claiming to be from the exchange's "support team," asking to transfer funds to a "safe wallet." At this point, the victim became suspicious and stopped communicating.
Similar methods, such as phone number spoofing, have been used in several other cases.
AFP Detective Superintendent Marie Anderson stated that the new scam created the "appearance of legitimacy."
As a reminder, in September, a user lost 783 BTC in a social engineering attack. The attackers posed as representatives of a crypto exchange and hardware wallet support team.