Police Return $6.58M to Japanese Firm After Thai-African Cyber Gang Bust

Police Lieutenant General Trairong Phiwpan, Commander of the Technology Crime Suppression Division, ceremonially hands over a $6.58 million check to representatives of the Japanese company - funds successfully frozen from the cybercrime group - at the Technology Crime Suppression Division headquarters on July 9, 2025.

BANGKOK — Thai Cyber Crime Police have arrested six suspects – both Thai and African nationals – in connection with a sophisticated email fraud scheme that defrauded a major Japanese company of $7 million. Authorities have coordinated with the FBI to freeze $6.58 million of the stolen funds for return to Japanese representatives.

Police Lieutenant General Trairong Phiwpan, Commander of the Technology Crime Suppression Division, announced the results of “Operation Money Cash Back” during a press briefing on July 9.

The case began on April 25 when Thai police received notification from a local commercial bank, which had been contacted by a Japanese bank reporting that a prominent Japanese company had fallen victim to cyber fraud through email deception, resulting in transfers totaling over 228 million baht ($7 million) to Thai accounts.

Investigations revealed that the criminal network had intercepted emails between the Japanese company and its business partners, then created sophisticated fake email domains that closely resembled legitimate ones. The fraudsters sent deceptive messages to the Japanese company’s finance department claiming that banking details for fund transfers had been changed, prompting immediate money transfers.

Advertisement

 

Swift Money Laundering Operation

After the transfer, surveillance showed rapid withdrawal activity. At 5:31 p.m., Thai suspect Weerakan withdrew 3 million baht ($91,810) from the account, followed by an additional 10 million baht ($306,030) at 6:05 PM before the bank froze the account and notified the Technology Crime Suppression Division.

The recipient company was registered in Lat Krabang District, Bangkok, ostensibly operating as a used vehicle wholesale business with 1 million baht in registered capital and three directors: Weerakan, Ms. Wilaiporn, and Mr. Anucha. All three were issued arrest warrants and apprehended by April 29.

Nigerian Mastermind Uncovered

Extended investigations identified the operation’s mastermind as Mr. Annest Onyebuchi, a Nigerian national married to Thai woman Ms. Pinyanun. She testified that she received invoice images from Annest via WhatsApp before forwarding them to other suspects for bank withdrawals. Authorities also discovered plans to deposit an additional 100 million baht ($3 million) into accounts belonging to Million Mix Company Limited, directed by Mr. Phuripat and Mr. Sumet.

Million Mix Company subsequently changed its name to “Food Cyber Limited” and operated from the 13th floor of a building on Rama IV Road in Sathorn District. During searches, officers seized crucial evidence before arresting Mr. Ibrahim, a 51-year-old Ghanaian national, on May 8 at Nonthaburi Immigration Office.

Ibrahim coordinated with company directors to receive international transfers in exchange for 5% commission and demonstrated suspicious behavior by ordering chat deletions and silencing accomplices following arrest news.

All six arrested suspects face multiple charges including conspiracy to commit fraud by impersonation, conspiracy to input fraudulent computer data, conspiracy to commit money laundering, conspiracy to allow others to use personal banking accounts for technology crimes, participation in transnational criminal organizations, conspiracy to form criminal gangs, and related offenses under Thai law.

International Cooperation

Thai National Police have coordinated with the FBI to investigate the email spoofing origins and dispatched senior officers abroad to closely examine cybersecurity systems of the targeted Japanese company and its international partners.

Lieutenant General Trairong warned businesses both domestically and internationally to exercise increased caution when verifying financial information changes, particularly regarding emails and bank transfer details, to prevent falling victim to Business Email Compromise (BEC) fraud, which is spreading globally.

___________