INTERPOL’s global stop-payment mechanism has intercepted over $40 million stolen in a BEC attack and led to the arrest of seven suspects.
On July 15, 2024, a commodity firm based in Singapore received an email from a supplier requesting payment to a new bank account.
The firm completed the transaction but later discovered the mistake after the legitimate supplier denied receiving any payment.
“Unaware, the firm transferred USD 42.3 million to the fake supplier on 19 July, only discovering the crime four days later when the genuine supplier said it had not been paid,” said INTERPOL.
Subsequently, the firm reported the incident to the Singapore Police Force (SPF), which requested assistance from Timor Leste’s authorities through INTERPOL’s Global Rapid Intervention of Payments (I-GRIP) mechanism.
INTERPOL recovers BEC attack funds in record time
On 25 July, INTERPOL notified SPF’s Anti-Scam Centre that $39 million of the stolen sum was traced and frozen in a bank account based in Timor Leste. The country’s law enforcement agencies also conducted follow-up investigations, detained seven suspects, and recovered over $2 million.
While little details are available, INTERPOL said the BEC attack leveraged a slightly misspelled email address mimicking the third-party supplier.
“The email, however, came from a fraudulent account spelled slightly different to the supplier’s official email address,” INTERPOL disclosed.
The operation took less than ten days from the BEC attack to the suspects’ arrest, highlighting the effectiveness of INTERPOL’s stop-payment mechanism. Law enforcement agencies in 196 countries are I-GRIP network members.
“The cooperation between authorities in Singapore and Timor Leste in this case was exemplary and demonstrates how quick action through INTERPOL can help recover funds taken from the fraud victims and identify the perpetrators,” said Isaac Oginni, Director of INTERPOL’s Financial Crime and Anti-Corruption Centre (IFCACC).
“Speed is crucial to successfully intercepting the proceeds of online scams, with police, financial intelligence units and banks cooperating across multiple jurisdictions in a race against time.”
Since its inception in 2022, INTERPOL’s I-GRIP mechanism has recovered hundreds of millions of illegally obtained funds.
In 2024, I-GRIP recovered $331,000 from a Spanish BEC attack victim, transferred to an account in Hong Kong. The recovery was part of Operation First Light, coordinated across 61 countries. It recovered $257 million in cash, cryptocurrency, assets, and jewelry, froze 6,745 bank accounts, detained 3,950 suspects, and identified 14,643 possible culprits.
In 2020, INTERPOL also recovered stolen $3.4 million intended for COVID-19 supplies, transferred to an Indonesian bank account after an Italian company succumbed to a BEC attack.
Business email compromise one of top reported cybercrimes
FBI’s Internet Crime Complaint Center (IC3) lists business email compromise among the top three cybercrimes reported annually.
In 2023, IC3 received 21,489 BEC attack complaints resulting in $2.9 billion in losses. In contrast, IC3 received 2,825 ransomware complaints, with losses amounting to $59 million during the same period. However, many ransomware attacks are unreported, and victims pay ransom discreetly. Thus, ransomware losses might be higher than reported.
Meanwhile, INTERPOL advises organizations to “take preventative steps to avoid falling victim to business email compromise and other social engineering scams.”

