media release (22-363MR)

Melbourne woman sentenced after stealing millions from superannuation and share trading accounts

Published

A Melbourne woman, 24, has been sentenced for her central role in a major international criminal syndicate, which stole millions of dollars from the superannuation and share trading accounts of innocent victims using fraud and identity theft.

The amount stolen through the fraudulent scheme is estimated to be in excess of $3.3 million. Attempts were made to steal an additional $7.5 million from the victims’ super and share accounts. The group also laundered an additional $2.5 million through the purchase, and on-selling, of luxury goods in Hong Kong.

The woman was today (Friday 16 December, 2022) sentenced to five years and six months’ imprisonment with a non-parole period of four years.

The AFP and the Australian Securities and Investments Commission (ASIC), as part of the Serious Financial Crime Taskforce (SFCT), began investigating the syndicate in late 2018. 

On 30 April 2019, AFP and ASIC investigators executed search warrants at the then 21-year-old’s Derrimut residence, after intercepting her at Melbourne Airport as she returned to Australia from Turkey. An examination of her laptop computer and mobile phones identified the details and images of hundreds of stolen identification documents. Hard-copy documents used to facilitate the offending were also located and seized.

The investigation – codenamed Operation Birks – showed the woman worked as part of an international criminal syndicate which used fraudulently-obtained identities to commit large-scale and sophisticated cybercrimes.

Stolen identity information purchased from darknet marketplaces, together with single-use telephone SIM cards and fake email accounts, were used to undertake an ‘identity takeover’ of unsuspecting victims.

These false identities were created to mimic real individuals who unknowingly had their identities compromised and were then used to open bank accounts at various Australian institutions. Investigators found at least 60 bank accounts created using these mimicked identities.

Once the false identities and accounts were established, the syndicate illegally accessed and stole money from the superannuation and share trading accounts of these victims.

The offender worked with others to create a cloned website that mimicked the legitimate website of a superannuation fund, using a domain name that was almost identical to the legitimate site. Online advertisements were used to promote the cloned website to bring it the top of the search engine. The intention was to harvest members’ usernames and passwords when they visited the cloned website (‘phishing’). The stolen member information was used to gain unauthorised access to member accounts.

The syndicate withdrew the superannuation savings of victims and deposited them in the fraudulent bank accounts. The stolen funds were laundered by sending them to an overseas contact, who used the funds to purchase untraceable assets such as jewellery and luxury brand items in Hong Kong. These were then sold and the money remitted to the offender in Australia through cryptocurrencies.

AFP Commander Cybercrime Operations Chris Goldsmid said this complex investigation revealed cybercrime occurring on multiple levels with devastating impacts for the victims.

“The consequences of these breaches are far-reaching and can be traced back to cybercrime offences that can impact everyday Australians.”

“We saw identity theft - where innocent victims had their personal details stolen and sold online in darknet marketplaces - hacking and phishing.”

“This investigation shows the devastating impacts that identity compromise can have – some people have lost their life savings, or had their retirement plans irrevocably changed because of the callous greed shown by this syndicate,” Commander Goldsmid said.

ATO Deputy Commissioner and SFCT Chief John Ford welcomed today’s outcome and said, “Cyber-enabled crime is an ongoing priority for the SFCT, and it’s becoming more prevalent as criminals have access to rapidly evolving technology.”

“The SFCT has an expert team that works across multiple Government agencies, both domestically and internationally, to share information and track down the most serious financial criminals. Today’s outcome demonstrates that for those who seek to cheat the system, especially at the expense of others, there really is no place to hide - we will take firm action,” Mr Ford said.

ASIC Deputy Chair Sarah Court said, “Data breaches within Australia’s financial system are significant threats, with consequences that can affect people’s savings for retirement. Driving good cyber-risk and operational resilience practices in financial services and markets is a continuing priority for ASIC.  Where appropriate, we will act to address digitally-enabled misconduct, including scams.  We encourage all entities to be cyber vigilant and act quickly to protect consumers.”

“As the conduct regulator for Superannuation, ASIC is particularly concerned at the sophistication and complexity of the crimes to defraud people of their super. We encourage Australians to check their super balance and change their passwords regularly, as one way to protect their superannuation from fraud,” concluded Ms Court.

Charge details

This matter was prosecuted by the Commonwealth Director of Public Prosecution. On 26 November 2021, the woman pleaded guilty to the following three offences:

  • One State based common law charge of conspiring to defraud superannuation funds (successful and attempted fraud totalling $4.7 million)
  • One State based common law charge of conspiring to defraud share trading funds (successful and attempted fraud totalling $5.9 million)
  • One Commonwealth offence of conspiracy to deal in proceeds of crime to the value of more than $1 million ($2.5 million).

Background

This operation was conducted as part of the ATO-led Serious Financial Crime Taskforce (SFCT). The SFCT is a joint-agency taskforce which brings together the knowledge, resources and experience of relevant law enforcement and regulatory agencies to address the most serious forms of financial crime.

Since the SFCT was established on 1 July 2015, more than 1,659 audits and reviews have been completed. Liabilities have been raised in excess of $1.593 billion, $630 million in cash has been collected and 17 people have been convicted and sentenced.

For more information on identity crime, including how to protect your identity and where to go for help if you think your identity has been compromised, visit ASIC’s Moneysmart Identity Fraud page.

If you think you may have been a victim of cybercrime, you can report this to police through the ‘Report Cyber’ portal at cyber.gov.au. The website also includes a range of advice on emerging cyber threats and how you can protect yourself online.

ASIC is working with APRA, the ATO and industry partners to evaluate whether security arrangements should be tightened to make it more difficult for fraudsters to target superannuation.

ASIC and AFP disrupt cybercrime network 

View the video transcript

The AFP and ASIC have disrupted a cybercrime network who have stolen millions of dollars from everyday Australians.

A 24-year-old woman was sentenced today at the County Court in Melbourne for role in a $3.3 million fraud and money laundering in excess of $1 million.

Cybercriminals have been using the anonymity of the darkweb to commit large scale fraud and stealing millions of dollars from online superannuation and share trading accounts.

How does it work?

Cybercriminals acquire stolen ID documents and personal information from the darkweb or by hacking into people's computers.

They set up email addresses and phone numbers in other people's names to build a background to legitimise the false identities.

They open online bank accounts using stolen IDs such as drivers' licences and passports.

They even place mail holds on postal addresses and re-direct mail sent by banks, super funds and stockbrokers.

This means victims may have no idea that a bank account has been opened in their name or that they have been a victim of fraud.

The cybercriminals then hack superannuation and trading accounts and transfer funds to fake bank accounts.

Once they steal the money, they cash it out through an offshore contact who buy high end products such as jewellery.

If you think your identity has been stolen, report it to police and your bank.

Some basic tips:

  • Use multi-factor authentication
  • Update the software on your apps and devices
  • Use secure passwords
  • Change your passwords if you think they may be compromised
  • Protect yourself against identity theft visit moneysmart.gov.au/banking/identity-theft

For tips on cyber resilience visit www.cyber.gov.au

Media enquiries: Contact ASIC Media Unit