‘Money mule’ charged over $3.3m invoice scam
An accountant from Brisbane's east has been arrested and charged as the "money mule" for hackers sending fake invoices to Queensland businesses, stealing millions of dollars.
The woman, aged 65, was arrested after a search warrant of her Carina home uncovered she'd allegedly stolen $3.3 million from seven businesses across the span of around a year.
According to detectives from the State Crime Command's Financial and Cyber Crime Group, the woman worked as the money mule for a larger syndicate of computer hackers, who are likely based overseas.
Police allege the woman ciphered the money to 50 different bank accounts before sending the proceeds on, likely to bank accounts offshore.
One of the victims unknowingly gave the woman $1.1 million dollars from their business.
The sophisticated system allegedly worked as hackers were able to gain access to businesses emails and intercept invoices.
According to police, bank details on the invoice would be changed before sending the new invoice on to the victims.
Queensland Police Service Detective Inspector Vince Byrnes said it is crucial that anyone receiving bills via email must check bank account details with the business directly, rather than responding to the email the invoice was sent from.
Investigations are ongoing while detectives work to follow the trail of money back to determine who else may be involved in the alleged crime syndicate.
"Examine those invoices. Check the bank account details. If there has been any variation or a suggestion of variation, check with the vendor who has sent you the invoice," he said.
"If you receive a request for payment, verify independently, not through the email, verify independently with that vendor that those bank account details are accurate.
It's important that we protect the community by being vigilant ourselves."
Detective Senior-Constable Adrian Holt said police began their investigation in July after victims came forward.
"From that we were able to track the moment of money and follow that money back to the (alleged offender)," he said.
"The general way it occurs is they get the details of a client, they change the email to make it look like it's an original email and say that they didn't receive their payment, did you not know that we've changed our account details and as a result of that, they send the false account details through."
Det Sen-Const Holt alleged hackers, possibly based overseas, infiltrated the email accounts of the Queensland businesses to find invoices.
They then allegedly used the details on those invoices to claim the money was not received and should be transferred to accounts belonging to the Queensland "money mule".
"It then goes through what is called a money mule's account and is then transferred on," Det Sen Const Holt said.
"We're still currently tracking where the money goes. Our forensic accountants are following the money, where it's heading off to."
Det Sen-Const Holt said seven Queensland victims have lost $3.3 million within the last 12 months.
"One victim was $1.1 million. They range from large-scale businesses that pay bills to that value right down to small business, aged care, superannuation funds," he said.
The woman was charged with dealing with proceeds of crime, and is due to front court on October 16.
Originally published as Brisbane 'money mule' charged over $3.3m invoice scam