The crypto currency wallets of more than 2000 Australians have been compromised in a scam which has netted $4 billion globally in three years.
The Australian Federal Police (AFP) joined a world-wide taskforce in June and have been working with a blockchain data platform to target criminal cryptocurrency scammers.
AFP Detective Superintendent Tim Stainton said the global operation had identified more than 2000 compromised crypto wallets belonging to Australians.
Detective Superintendent Stainton said the joint activity, known as Operation Spincaster, targeted criminals using a tactic called “approval phishing”, which had been used to steal more than $4 billion in cryptocurrency from victims globally since May 2021.
He said the AFP has ongoing investigations into the Australian losses and has developed further intelligence about cryptocurrency scam tactics to help prevent more Australians being scammed.
Detective Superintendent Stainton said the AFP-led Joint Policing Cybercrime Coordination Centre (JPC3) and Chainalysis, the blockchain data platform, targeted the approval phishing scams, in which criminals deceived victims into signing a malicious blockchain transaction.
“Once signed, the criminal has access to the victims’ crypto wallet and can spend specific tokens inside the victim’s cryptocurrency wallet.
“This method allows the criminal to drain the victim’s wallet of those tokens at will, which is similar to giving someone permission to transfer money from your online bank account.”
Detective Superintendent Stainton said approval phishing was increasingly seen in investment scams, where victims were offered high returns on cryptocurrency investments, and romance scams, where criminals used the illusion of a romantic or close relationship to manipulate and steal from victims.
He said Australia became involved in Operation Spincaster in June this year with the JPC3 hosting a workshop with Chainalysis, digital currency exchanges, government and law enforcement agencies.
Detective Superintendent Stainton said cybercrime was borderless and could not be tackled by one country or agency alone.
“Working together and sharing knowledge with industry, government and law enforcement partners is crucial,” he said.
He said Australians should remain vigilant of approval phishing and were reminded to consider the following when dealing with blockchain transactions:
- Cryptocurrency users should verify approval transactions before signing them, and should not sign without fully trusting the person or the company on the other end.
- Be sceptical of urgent requests for money or personal information, even if they appear to come from trusted sources.
- Use search engines and social media to research the person or company’s background and ensure their identity matches their online presence.
- Romance scammers, in particular, could profess love or strong emotions quickly to manipulate their targets emotionally. Be aware of these signs. Always verify the identity of the person you’re communicating with online. Request video calls or meetings in person if possible.
- Trust your instincts. If it seems too good to be true, it probably is.
- Report any suspicious profiles or interactions to the platform or authorities responsible for online fraud.
- Stay informed about the latest scam tactics and be aware of common signs of scams.
Learn more about approval phishing.
Learn more about how cryptocurrency and blockchain technology works.