- Trending
- Comments
- Latest
Scammers are exploiting Australia’s official cybercrime reporting system to impersonate federal police officers and steal cryptocurrency, filing fraudulent reports with victims’ stolen personal information before calling them to authorize transfers, authorities warned this week.
The scheme uses ReportCyber, the government platform for reporting cybercrimes, to establish credibility by providing victims with legitimate-looking case numbers that match reports the scammers filed on their behalf, according to the Australian Federal Police.
The scam works because criminals have illicitly obtained personal details including email addresses and phone numbers, then exploit ReportCyber’s feature that permits third-party reporting on behalf of victims, the AFP-led Joint Policing Cybercrime Coordination Centre said in a statement.
“These criminals verify personal information in ways that match common expectations and act fast to create a sense of urgency,” AFP Detective Superintendent Marie Andersson said.
In one case detailed by police, a victim received a call from someone posing as an AFP officer who claimed their name appeared in a cryptocurrency-related data breach. The fake officer provided an official-looking ReportCyber reference number.
When the victim checked the system and found a matching report that the scammer had filed, the scheme appeared legitimate. A second caller then posed as a representative from a cryptocurrency platform, using the same reference number to pressure the victim into transferring funds to what they claimed was a secure wallet.
The victim became suspicious and hung up before completing any transfer. Police said similar cases involve scammers using spoofed phone numbers that mimic genuine AFP contact lines.
The AFP did not disclose how many Australians have been targeted by the scheme or whether any victims have lost funds. The agency did not respond to requests for additional information about the scale of the fraud.
Authorities emphasized that genuine AFP officers will never request access to cryptocurrency accounts, recovery seed phrases, or banking information during unsolicited calls.
Andersson urged Australians who receive calls about ReportCyber submissions they didn’t file to hang up immediately and contact the official cybercrime helpline at 1300 CYBER1 to verify the claim.
“Legitimate reports remain vital for helping police track criminals and prevent others from being targeted,” Andersson said. “But Australians need to check for warning signs and protect themselves from cybercrime.”
The warning arrives as Australian regulators intensify efforts against cryptocurrency-related fraud across multiple fronts.
Last month, Home Affairs Minister Tony Burke announced pending legislation to regulate crypto ATMs, calling the machines a “high-risk product” linked to money laundering and child exploitation. Australia’s crypto ATM count has surged from 23 machines six years ago to roughly 2,000 today, Burke said.
In August, the Australian Securities and Investments Commission reported removing approximately 3,015 cryptocurrency scam websites over two years as part of a broader takedown of 14,000 fraudulent sites.
Meanwhile, AUSTRAC CEO Brendan Thomas flagged digital currencies as a top threat in July, describing forthcoming anti-money laundering regulations as “the most ambitious overhaul of Australia’s anti-money laundering laws in a generation.”
The ReportCyber exploitation scheme highlights growing sophistication among cybercriminals targeting cryptocurrency holders, with fraudsters increasingly weaponizing official government systems to add legitimacy to their operations.
