Australia’s national cybercrime reporting portal was misused in an effort to deceive cryptocurrency holders, according to a recent warning from the Australian Federal Police. Investigators found that scammers submitted fraudulent reports through the platform using stolen personal information. They then contacted the targeted individuals and claimed to be law enforcement officers handling the newly filed case. The presence of an authentic reference number from the portal helped the scammers create a sense of legitimacy.
After establishing initial contact, the callers told victims that their cryptocurrency accounts were allegedly linked to an ongoing investigation or a wider security breach. They advised the targets to move their digital assets into what they described as secure storage until the matter was resolved. In reality, the transfers directed funds to wallets controlled by the attackers. Some victims were also pressured to provide account credentials, which allowed the scammers to gain direct access to their crypto holdings.
The calls often appeared to come from official phone numbers because scammers used number spoofing to imitate government and financial institutions. This tactic made the communication seem credible and reduced the likelihood that victims would verify the claims independently. Police stressed that legitimate officers do not ask individuals to transfer funds or provide access to cryptocurrency wallets under any circumstances. The misuse of an official reporting tool showed how quickly trust can be manipulated when criminals combine stolen data with convincing communication.
Risks for victims and steps to reduce exposure
The incident highlights a broader challenge for users who rely on digital reporting tools to flag cybercrime. Platforms that are designed to support victims can become part of a fraud attempt when attackers use them to add legitimacy to their schemes. Once funds are transferred to attacker-controlled wallets, the transactions cannot be reversed. The permanence of crypto transfers increases the impact on victims and reduces the chances of recovering assets.
Security officials advise taking extra care with any unexpected communication that references an investigation, even when the caller provides details that appear genuine. People who receive such calls should contact the relevant agency directly using contact information from an official website. Independent verification is essential because scammers rely on urgency and fear to prevent victims from checking the source. Individuals should also remain cautious when asked to move funds as part of an investigation. Law enforcement does not use this type of procedure and would not require access to private keys, recovery phrases, or account passwords.
The misuse of the reporting portal demonstrates how legitimate systems can be drawn into broader scams when attackers have enough personal information about their targets. It also underscores the importance of protecting personal data to limit the details available for impersonation. As scams continue to evolve, users are encouraged to treat unsolicited instructions involving crypto movements with suspicion and to maintain security practices that prevent unauthorised access to accounts.