Think you’d never be fooled? One scam email cost the government $3.5 million
- Replies 0
A Sydney man allegedly convinced a government agency to send him millions—by pretending to be someone he wasn’t.
Police say he faked emails, forged documents and even lined up at a bank to pocket the stolen funds.
But the AFP was already closing in.
A 38-year-old man from Lurnea was arrested after allegedly stealing more than $3.5 million from the Northern Territory government through an elaborate business email compromise scam.
The Australian Federal Police began investigating the case in November 2024 after a bank reported suspicious activity involving a government agency and a large sum of stolen money.
According to police, on 7 November 2024, the NT government received an email from someone claiming to be a contractor for a construction company working with the agency.
The email reportedly included fake documents, such as a vendor identification form with altered bank account details, and copied in fake addresses meant to resemble actual employees from the contractor’s company.
The AFP alleges the scammer had registered a new business with a name similar to the legitimate construction firm and opened a bank account under that identity.
Believing the request to be genuine, the NT agency transferred $3,583,363 into the fraudulent account.
Investigators later discovered the email addresses were fake, and the listed phone number led them directly to the suspect.
Police allege the man then made multiple cash withdrawals from the stolen funds, although swift action by the bank helped recover most of the money.
Roughly $11,603 remained unaccounted for.
On 23 July 2025, AFP officers executed a search warrant at the man’s home, where they seized electronic devices and documents linked to the company he had created.
He was charged with one count of dealing with proceeds of crime—money or property worth $1 million or more—a charge that carries a maximum sentence of 12 years in prison.
AFP Detective Superintendent Marie Andersson said the case served as a stark reminder to stay vigilant when handling email transactions.
‘In the 2023–2024 financial year, business email compromise and fraud were among the most common self-reported cybercrimes for small, medium and large businesses and individuals in Australia,’ she said.
‘It is crucial to double check emails, particularly if there is a request for a change in banking details.’
‘Call the party you are engaged with to confirm the request is legitimate—and use a phone number that you’ve previously used or independently verified—don’t call a number in the suspicious email.’
‘If you have fallen victim, report it immediately to your bank and the police to give us the best chance of recovering your money.’
‘As a result of quick action and preventive measures undertaken by the bank involved, $3,571,760 of the allegedly stolen money was recovered.’
The man appeared at Liverpool Local Court in Sydney last week and was granted conditional bail.
He is scheduled to appear at Campbelltown Local Court on 17 September.
Scams don’t always come in the form of fake businesses and million-dollar thefts—sometimes, they slip in through something as routine as a tax message.
With tax season in full swing, many people are seeing more emails and texts than usual from services claiming to be official.
If you’ve noticed a sudden uptick in messages from the ATO, this story breaks down what could be real—and what to watch out for.
Read more: Is the ATO messaging you more than usual? Here are some things to watch out for during tax season
Could something like this happen to your workplace—and would you know how to stop it?
Police say he faked emails, forged documents and even lined up at a bank to pocket the stolen funds.
But the AFP was already closing in.
A 38-year-old man from Lurnea was arrested after allegedly stealing more than $3.5 million from the Northern Territory government through an elaborate business email compromise scam.
The Australian Federal Police began investigating the case in November 2024 after a bank reported suspicious activity involving a government agency and a large sum of stolen money.
According to police, on 7 November 2024, the NT government received an email from someone claiming to be a contractor for a construction company working with the agency.
Man accused of $3.5m email scam. Image source: Pexels/Markus Spiske
Disclaimer: This is a stock image used for illustrative purposes only and does not depict the actual person, item, or event described.
Disclaimer: This is a stock image used for illustrative purposes only and does not depict the actual person, item, or event described.
The email reportedly included fake documents, such as a vendor identification form with altered bank account details, and copied in fake addresses meant to resemble actual employees from the contractor’s company.
The AFP alleges the scammer had registered a new business with a name similar to the legitimate construction firm and opened a bank account under that identity.
Believing the request to be genuine, the NT agency transferred $3,583,363 into the fraudulent account.
Investigators later discovered the email addresses were fake, and the listed phone number led them directly to the suspect.
Police allege the man then made multiple cash withdrawals from the stolen funds, although swift action by the bank helped recover most of the money.
Roughly $11,603 remained unaccounted for.
On 23 July 2025, AFP officers executed a search warrant at the man’s home, where they seized electronic devices and documents linked to the company he had created.
He was charged with one count of dealing with proceeds of crime—money or property worth $1 million or more—a charge that carries a maximum sentence of 12 years in prison.
AFP Detective Superintendent Marie Andersson said the case served as a stark reminder to stay vigilant when handling email transactions.
‘In the 2023–2024 financial year, business email compromise and fraud were among the most common self-reported cybercrimes for small, medium and large businesses and individuals in Australia,’ she said.
‘It is crucial to double check emails, particularly if there is a request for a change in banking details.’
‘Call the party you are engaged with to confirm the request is legitimate—and use a phone number that you’ve previously used or independently verified—don’t call a number in the suspicious email.’
‘If you have fallen victim, report it immediately to your bank and the police to give us the best chance of recovering your money.’
‘As a result of quick action and preventive measures undertaken by the bank involved, $3,571,760 of the allegedly stolen money was recovered.’
The man appeared at Liverpool Local Court in Sydney last week and was granted conditional bail.
He is scheduled to appear at Campbelltown Local Court on 17 September.
Scams don’t always come in the form of fake businesses and million-dollar thefts—sometimes, they slip in through something as routine as a tax message.
With tax season in full swing, many people are seeing more emails and texts than usual from services claiming to be official.
If you’ve noticed a sudden uptick in messages from the ATO, this story breaks down what could be real—and what to watch out for.
Read more: Is the ATO messaging you more than usual? Here are some things to watch out for during tax season
Could something like this happen to your workplace—and would you know how to stop it?
