Cyber criminals in Australia have discovered an innovative and dangerous scam technique: impersonating officers from the Australian Federal Police (AFP), one of the public’s most trusted institutions. They are misusing the government’s official cybercrime reporting platform, ‘ReportCyber’, and leveraging legitimate case numbers and stolen personal data to attempt to steal cryptocurrency from victims.
This shocking scam illustrates how even legitimate government infrastructure in the digital world can be exploited by criminals. The AFP officially issued a warning about this new threat on Wednesday.
The Sophisticated Scam Mechanism: Building Credibility
The success of this scam chain relies on the credible details used by the criminals. They don’t just call; they utilize the government system itself to legitimize their plot.
Filing Fictitious Reports
Scammers are filing fake complaints on the ReportCyber portal—a platform designed for citizens to report cybercrime—using stolen personal data. Because the platform’s design allows third parties to file reports on behalf of others, criminals exploit this to bolster their scheme.
Fake Case Numbers and Personal Data
Once the fake complaint is submitted, the scammers contact the victims. They identify themselves as AFP officers and cite a fabricated, yet officially appearing, case reference number.
According to AFP Detective Superintendent Marie Andersson, the reason this deception is successful is that criminals gain credibility by verifying genuine personal information obtained from the ReportCyber platform. This prompts the victim to believe their claim that “your data has been linked to a crypto-related investigation.”
Transferring Money to “Safe” Wallets
Once the victim trusts the scammer’s story, they are handed over to a supposed representative from a fake “crypto platform.” This representative urges the victim to immediately transfer their funds to a Cold Wallet or some other “secure” address in the name of “legal protection.” This urgency reduces the time the victim has to think, leading to the theft of the money.
These scammers have further attempted to enhance their credibility by using spoofed phone numbers that appear to originate from genuine AFP lines.
Official Warnings and Protective Measures
The AFP has warned citizens about these criminal tactics and provided several key messages for the public to protect themselves:
- A Genuine Officer Will Never Ask: “Genuine AFP officers will never ask for crypto accounts, seed phrases, or bank information,” Marie Andersson clearly emphasized.
- Immediate Disconnection: If someone contacts them about a ReportCyber submission they did not make, the public should immediately disconnect the call and contact the AFP’s official Cybercrime Coordination Centre (1300 CYBER1).
The AFP stresses that real complaints are still crucial for monitoring cyber criminals and preventing further fraud.
Tightening Crypto Oversight in Australia
This scam warning comes amidst broader governmental efforts across Australia to combat crypto-related fraud and money laundering.
Regulatory Actions
- Targeting Crypto ATMs: Minister for Home Affairs Tony Burke announced upcoming legislation to restrict Crypto ATMs, calling them “high-risk products” associated with money laundering and child exploitation.
- ASIC Website Takedowns: The Australian Securities and Investments Commission (ASIC) has deleted over 14,000 fraudulent websites since July 2023. Crypto-related scams account for 20% of the platforms removed. ASIC currently targets 130 new malicious sites weekly.
- Stablecoin Regulation: ASIC has introduced temporary relief for intermediaries distributing stablecoins issued by licensed providers, allowing them to operate without additional licensing until June 2028.
Australia’s challenge underscores the delicate balance between enabling the diffusion of crypto technology and safeguarding the financial market. Preventing scammers from utilizing government platforms urgently requires both Technical Vetting and public education.
