Superannuation funds are boosting their online security systems as police and regulators investigate five more people following the charging of Melbourne woman Jasmine Vella-Arpaci with online fraud.
Ms Vella-Arpaci, 21, was charged with 53 fraud offences over transactions that involved the withdrawal of $1.73 million from the accounts of superannuation fund members and stockbroking clients.
To date, police believe the cyber scams under investigation total $10 million. But a staffer close to the investigation said “it could go higher than that” and the full extent of the alleged fraud ring is yet to be determined.
Already the size of the alleged offences has increased way beyond the $1.73 million Ms Vella-Arpaci was charged with.
An ASIC spokeswoman told The New Daily that $2.4 million had been successfully taken from stockbroking accounts and another $2 million from superannuation.
The fraudsters attempted to get into accounts totalling another $4 million in shares and $1.5 million in super.
Suspects under the microscope
Investigations into the fraud case are now focused on five more suspects and are being run by the Australian Federal Police and the Australian Securities and Investments Commission (ASIC) under the auspices of the multi-agency Serious Financial Crime Taskforce.
The scams involved identity makeovers to build fraudulent identities used to establish bank accounts in the names of those they were targeting.
Once the accounts were open, money was siphoned from the victims’ superannuation and stockbroking accounts, sent overseas and laundered through the jewellery market.
Profits were returned to fraudsters via cryptocurrencies.
CBA’s broking arm CommSec was named in court documents as being one firm hit by the fraud, along with CMC Markets Stockbroking and IG Markets.
Super funds named included Club Plus Super, HESTA, Hostplus, AustralianSuper and LUCRF Superannuation.
Court documents said there were more than 70 victims from the eastern states and Western Australia.
“Less than 10 AustralianSuper members were affected and they have all been contacted. AustralianSuper continues to work to further strengthen our security systems,” fund spokesman Stephen McMahon said.
“A number of new cybersecurity measures have recently been implemented by the fund to further protect member accounts.”
CommSec said it couldn’t comment on the matter because it was before the courts but asked clients suspecting fraud to contact the company.
Cyber crims on the rise
ASIC deputy chair Daniel Crennan, QC, said the matter highlighted the danger of fraud in the digital economy.
“Cybersecurity threats such as data breaches and financial system attacks are a major concern for ASIC and we will continue to pursue not only cyber-related market and superannuation offending but also the need for institutions to maintain their obligations to ensure they have adequate cyber resilience,” he said.
Association of Superannuation Funds of Australia chief policy officer Glen McCrea described it as “a very serious case of identity theft – a matter that financial services have been grappling with, particularly as scammers and thieves have become increasingly sophisticated”.
“Identity theft is an increasing problem across a range of financial institutions and the superannuation sector is not immune from such attacks,” he said.
Ms Vella-Arpaci was released on bail following a hearing in the Melbourne Magistrates Court on Tuesday and she will return on February 11.