SMS phishing fraudster charged in Sydney

This is a joint media release between the Australian Federal Police and New South Wales Police.

Editor’s Note: Vision of the arrests and seized items are available via Hightail

Two men have been arrested for their alleged involvement in an Australian-based fraud syndicate working to steal identities and money from thousands of Australians through a sophisticated SMS phishing scheme.

Operation Genmaicha is an AFP-led cybercrime investigation launched in July 2019. It followed reports of an online group allegedly sharing information about conducting fraud and phishing attacks on Australian financial institutions and their customers.

Australian Federal Police (AFP) Cybercrime Operations teams in Sydney and Melbourne worked collaboratively with NSW Police throughout the investigation. Police identified a number of ‘SIM boxes’ as the key source of large-scale SMS phishing attacks.

This type of cybercrime is also known as ‘smishing’. The SIM boxes were allegedly used to send text messages purporting to be from Australian banks and telecommunications companies, to mislead victims into providing their personal or financial account information.

AFP and NSW Police investigators executed search warrants on Tuesday (22 September 2020) in Macquarie Park and Burwood. Police seized nine SIM boxes, hundreds of SIM cards, and multiple electronic devices, including mobile phones, laptops and hard drives.

Police also seized fake ID documents, cash, including $50,000 found inside a safe, a money counter, methamphetamine of varying quantities and drug paraphernalia.

Two men, aged 50 and 36, were subsequently arrested.

The 50-year-old Macquarie Park man was charged with:

  • Eight counts of false or misleading information, contrary to section 136 of the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (Cth).
  • One count of using a telecommunications network with intention to commit a serious offence, contrary to section 474.14 of the Criminal Code (Cth), where the serious offence is fraud, contrary to section 192E of the Crimes Act 1900 (NSW).
  • One count of dealing in identification information using a carriage service, contrary to section 372.1A of the Criminal Code Act 1995 (Cth).
  • One count of dishonestly obtaining or dealing in financial information, contrary to section 480.4 of the Criminal Code Act 1995 (Cth).
  • One count of dealing with property reasonably suspected of being proceeds of crime, contrary to section 400.9 of the Criminal Code Act 1995 (Cth).
  • One count of possession of prohibited drugs, contrary to section 10 of the Drug Misuse and Trafficking Act 1985 (NSW).

He has been remanded in custody to next appear in Sydney Central Local Court on 18 November 2020.

The 36-year-old Burwood man is scheduled to be charged with similar offences at a later date.

Police will allege the two men had direct access to and control over several SIM boxes, which are capable of using multiple SIM cards to send bulk text messages to tens of thousands of recipients in one hit.

It is alleged in a recent two-week period, these SIM boxes were used to send more than 10,000 smishing messages. As a result of these attacks, 45 customers from one bank alone confirmed they were phished – in one instance more than $30,000 was stolen from a single customer. Further investigations remain ongoing with financial industry partners to determine the exact extent of the fraudulent activity.

The AFP’s close collaboration with its private sector partners contributed to the success of this investigation, with Westpac, Commonwealth Bank of Australia, ANZ and TPG Telecom among others providing significant assistance throughout Operation Genmaicha.

AFP Commander Cybercrime Operations Chris Goldsmid said the sophistication of the equipment used and scale of the attacks in this investigation was extreme, with one telecommunications provider identifying more than 49,000 messages sent to its customers within the span of one week.

“This fraud syndicate had absolutely no regard for the hardworking Australians they stole from, victims who may be struggling since the bushfires and COVID-19 hit the nation,” Cmdr. Goldsmid said. 

“The success of Operation Genmaicha has prevented further Australians from seeing their hard-earned savings siphoned off to criminal entities.”

NSW Police Force Cybercrime Squad Commander, Detective Superintendent Matthew Craft, said law enforcement agencies across Australia are pooling resources to shut down individuals involved in offending across state borders.

“The ability of offenders to adapt technology for all the wrong reasons is a growing issue; however, police are equally up to the task of detecting and investigating these criminal syndicates,” Det Supt. Craft said.

“This technology, while not frequently encountered by law enforcement, was on this occasion successfully deployed against victims as part of this SMS phishing scam.

“These types of scams become somewhat redundant when the community heeds the advice to never provide confidential personal information to people you don’t know and can’t identify. Legitimate businesses will never call or SMS customers seeking confidential information. Always be suspicious when you receive such requests.”

For tips on identifying a scam (phishing) message, visit cyber.gov.au.

If you are a victim of cybercrime, you can report it online or contact the Australian Cyber Security Hotline on 1300 CYBER1 (1300 292 371).

Note to media:

Interview opportunities are available with:

  • AFP Commander Cybercrime Operations Chris Goldsmid
  • AFP Acting Superintendent Cybercrime Operations Tom Walker
  • AFP Detective Sergeant Cybercrime Operations Spiros Drossos

Media enquiries

AFP Media: (02) 5126 9297

NSW Police Media: (02) 8263 6100

National Security Hotline

Read the AFP Annual Report 2019-20

The Australian Centre to Counter Child Exploitation

Platypus Online: Read. Discover. Enjoy.