Each month, the team at Eftsure monitors the headlines for the latest accounts payable (AP) and security news. We bring you all the essential stories in our cyber brief so your team can stay secure.
Cybercrime squad seizes gold bullion in $600,000 BEC scam case
NSW Police and the AFP-led Joint Policing Cybercrime Coordination Centre have charged three people over an alleged $600,000 business email compromise scheme being laundered through gold bullion. A 20-year-old woman was arrested at a Sydney CBD gold dealership on 14 May after allegedly buying $100,000 of gold five times in two weeks.
Information from NAB helped Operation Dolos trace the funds to the BEC. Police also seized $34,000 in cash and three phones.
Singapore CEO transfers US$36.3 million after fake WhatsApp call from "chairman"
A Singapore-based CEO transferred US$36.3 million in April after a fake WhatsApp call from someone posing as the company's chairman, with an urgent funding instruction. The case was one of several highlighted by Singapore Police Force's Operation FRONTIER+ III, a two-month transnational scam crackdown.
The money moved across four days before the CEO called the real chairman to verify. Singapore's Anti-Scam Centre recovered US$9.7 million; the remaining US$26.5 million was already offshore. No malware was involved; the call worked because nothing in the approval chain required independent verification before funds moved. Read more about how approval culture may have enabled this fraud.
A new CFO.com piece by Gartner analyst Dymah Paige argues that AI-accelerated disinformation has shifted from a reputational nuisance to a measurable enterprise risk that CFOs are best placed to own. Paige groups available defences into three categories of disinformation security tooling and lays out a framework for evaluating spend by its impact on enterprise risk.
It mirrors an argument that we frequently make: CFOs are in the best position to own an anti-cybercrime strategy, and stop fraudsters from exploiting the gaps between finance and security functions.
Survey: 97% of finance teams now use AI, only 3% sceptical of payoff
A new Consero Global survey of 102 finance leaders at venture- and private equity-backed companies finds that AI adoption inside finance departments has reached 97%, up from 76% in 2025. Only 3% of finance leaders remain sceptical of future AI payoffs.
Additionally, more than three-quarters of respondents say their AI investments are already generating positive returns within 12 months.
ASD warns of device code phishing campaign abusing Microsoft 365 sign-in
The Australian Signals Directorate has issued a warning about a phishing campaign targeting Microsoft 365 users with device code phishing. Attackers initiate a Microsoft sign-in request posing as a legitimate device, generating a code and link that the victim is socially engineered into approving.
Malicious actors are using automation and AI to request fresh codes the moment a victim clicks, making the attack significantly more reliable. ASD notes the shift away from stealing credentials toward abusing user trust in the sign-in flow itself. For finance teams, the technique is a direct precursor to BEC and payment redirection.
