INTERPOL’s I-GRIP mechanism, launched in 2022, has been instrumental in intercepting illicit funds, helping law enforcement recover hundreds of millions of dollars
INTERPOL has announced the successful use of its “global stop-payment mechanism” to recover the largest-ever amount of funds defrauded in a business email compromise (BEC) scam. This comes after a commodity firm in Singapore fell victim to such a scam in mid-July 2024.
BEC scams involve cybercriminals posing as trusted figures to trick victims into transferring money or revealing confidential information via email. Common methods include unauthorized access to a finance employee’s or law firm’s email to send fake invoices or impersonating third-party vendors to send fraudulent bills.
In this case, on July 15, the Singaporean firm received an email from what appeared to be a supplier, requesting a pending payment be sent to a new bank account in Timor-Leste. The email, however, came from a slightly altered, fraudulent account. The company transferred $42.3 million to the fake supplier on July 19, only to discover the mistake on July 23 when the real supplier reported not receiving the payment.
Leveraging INTERPOL’s Global Rapid Intervention of Payments (I-GRIP) mechanism, Singaporean authorities detected and froze $39 million in the counterfeit bank account the next day. Additionally, seven suspects were arrested in connection with the scam, leading to the recovery of another $2 million.
INTERPOL’s I-GRIP mechanism, launched in 2022, has been instrumental in intercepting illicit funds, helping law enforcement recover hundreds of millions of dollars. “Since its launch in 2022, INTERPOL’s I-GRIP mechanism has helped law enforcement intercept hundreds of millions of dollars in illicit funds,” the agency stated. Businesses and individuals are urged to take preventative measures against BEC and other social engineering scams.
This disclosure follows the seizure of an online digital wallet and cryptocurrency exchange, Cryptonator, accused of receiving criminal proceeds from hacking, ransomware, fraud, and identity theft. Cryptonator, launched in December 2013 by Roman Boss, failed to implement anti-money laundering controls. The U.S. Justice Department indicted Boss for founding and operating the service.
TRM Labs, a blockchain intelligence firm, reported that Cryptonator facilitated over 4 million transactions worth $1.4 billion, with Boss taking a cut from each transaction. These transactions included money exchanged with darknet markets, scam wallets, high-risk exchanges, ransomware groups, crypto theft operations, mixers, and sanctioned addresses. Cryptonator’s cryptocurrency addresses transacted with platforms like Bitzlato, Blender, Finiko, Garantex, Hydra, Nobitex, and an unnamed terrorist entity.
The popularity of cryptocurrency has provided numerous opportunities for fraud. A recent report from Check Point revealed that fraudsters are exploiting legitimate blockchain protocols like Uniswap and Safe.global to hide their activities and steal funds from cryptocurrency wallets. “Attackers leverage the Uniswap Multicall contract to orchestrate fund transfers from victims’ wallets to their own,” researchers noted. They also use the Gnosis Safe contracts and framework, tricking victims into authorizing fraudulent transactions.
