A Singapore-based company CEO was tricked into authorizing a US$36.3 million, or about S$46.5 million, transfer after scammers impersonated the chairman of his firm’s headquarters through a WhatsApp call.
The fraud began on Apr. 9, when the executive was told to oversee an acquisition project. He then directed the company’s chief financial officer to arrange the funding, turning a fake leadership instruction into a real corporate payment chain.
Between Apr. 13 and Apr. 17, the company sent US$36.3 million into two local OCBC accounts, with US$27.1 million coming from a Luxembourg subsidiary and US$9.7 million from the Singapore entity. CNA reported the case as one of the major examples uncovered during Operation Frontier+ III, a two-month international anti-scam operation involving Singapore and nine foreign law enforcement partners.
The deception was uncovered on Apr. 17 after the CEO checked the supposed acquisition with the real chairman. By then, the money had already started moving across borders.
Singapore Freezes Funds, Hong Kong Seizes More
Singapore’s Anti-Scam Centre froze US$9.7 million that remained in the local accounts, but about US$26.5 million had already been wired to Hong Kong. Singapore police then contacted Hong Kong’s Anti-Deception Coordination Centre, leading to the seizure of more than US$11.1 million from Hong Kong bank accounts and associated cryptocurrency wallets.
Mothership’s breakdown also reported that two Singaporeans who allegedly helped open a corporate bank account used to receive illicit funds were arrested. Investigations are ongoing.
The crypto-wallet detail gives the case wider relevance for digital-asset enforcement. The scam itself did not start onchain. It started with impersonation, corporate trust, and a payment approval failure. Crypto entered the picture later, as part of the suspected fund movement and seizure trail after money had already left Singapore.
That pattern is increasingly common across fraud and cybercrime cases. Law enforcement now has to trace stolen value through bank accounts, shell companies, crypto wallets, exchanges, and offshore routes at the same time. Recent cases involving Bitcoin seizures tied to darknet-market investigations show the same enforcement pressure: money can move across rails quickly, but recoveries depend on fast freezing orders, jurisdictional cooperation, and clear forensic trails.
Operation Frontier+ III Widens The Crackdown
The CEO case surfaced during Operation Frontier+ III, which ran from Mar. 10 to May 7 and involved more than 3,200 officers across Singapore, Hong Kong, South Korea, Malaysia, the Maldives, Thailand, Macau, Indonesia, Brunei, and Canada.
The Straits Times reported that the operation led to 3,018 arrests and investigations into 7,553 people linked to more than 138,000 scam cases involving about US$752 million in losses. Nearly 102,000 bank accounts were frozen, and more than US$161 million in illicit funds were seized.
Singapore’s own figures were also significant. Police arrested more than 130 people, investigated more than 1,000 others, froze 2,315 bank accounts, and seized about S$35 million during the operation.
The CEO case shows why executive impersonation remains so dangerous even for large companies. The attack did not need a hacked blockchain, a fake exchange, or a wallet drainer. It needed authority, urgency, and a believable acquisition story strong enough to push internal finance staff into action.
Crypto investors have seen the same psychology across online fraud markets, from fake investment platforms to cases like the Turkish Farm Bank scheme, where a credible-looking business story helped draw victims into a much larger financial trap.
The remaining recovery effort now depends on what investigators can still freeze in Hong Kong, whether the arrested account facilitators expose more of the laundering route, and how much of the US$26.5 million that left Singapore can be traced through bank accounts and wallets before it is split further.
Be the first to comment