Singapore authorities have recovered over $40 million defrauded in a business email compromise (BEC) scam, Interpol revealed.
On 23 July 2024, a Singapore-based commodity firm reported to the Singapore Police Force (SPF) that they had fallen victim to a BEC scam. In such scams, fraudsters gain access to or impersonate business email accounts to deceive employees into transferring money to their accounts.
The incident began on 15 July when the firm received an email from what appeared to be a supplier, requesting that a pending payment be sent to a new bank account in Timor Leste. The email, however, originated from a fraudulent account with a subtly altered spelling of the supplier’s official email address.
Unaware of the deception, the firm transferred $42.3 million to the fake supplier on 19 July. The scam was discovered four days later when the genuine supplier inquired about the unpaid invoice.
Upon receiving the police report, the SPF sought assistance from authorities in Timor Leste through Interpol’s Global Rapid Intervention of Payments (I-GRIP) mechanism. I-GRIP leverages Interpol’s 196-country network to expedite requests for assistance in financial crime cases.
On 25 July, the SPF’s Anti-Scam Centre received confirmation that $39 million had been detected and withheld from the fake supplier’s bank account in Timor Leste. Follow-up investigations by Timor Leste authorities led to the arrest of seven suspects involved in the scam and the recovery of an additional $2 million.
