Australians are being warned about a new scam in which criminals pose as federal police officers and pressure victims into handing over their cryptocurrency.
The Australian Federal Police (AFP) says the scheme is spreading fast – and it’s catching people off guard.
Investigators at the AFP’s Joint Policing Cybercrime Coordination Centre (JPC3) say scammers start by getting hold of a victim’s personal details, such as email addresses and phone numbers.
That information is often scraped from public sources or bought from leaked datasets.
Armed with these details, the scammer phones the victim while pretending to be an AFP officer.
They claim the person’s identity has turned up in a “major data breach” involving cryptocurrency and finance — a lie designed to spark panic.
Soon after, the victim receives a second call from someone posing as a representative of their cryptocurrency platform. This “follow-up” is carefully staged to seem official, and the fake rep instructs the victim to move their funds to another account for “safekeeping”.
To tighten the trap, scammers often spoof real phone numbers and say an arrest has already been made in connection with the supposed breach — all to make the story sound legitimate.
AFP Detective Superintendent Marie Andersson urged Australians to stay “extremely wary”, stressing that real police will never ask for access to cryptocurrency accounts, seed phrases, banking details, or any sensitive financial information.
“Bear in mind legitimate law enforcement officials will never request access to your cryptocurrency accounts, wallets, bank accounts, cryptocurrency wallet seed phrases, or any personal information relating to your financial accounts,” said Andersson.
“We encourage Australians to adopt necessary safety measures online and take a moment to stop their scroll, check for warning signs of scams and protect themselves from cybercrime.”
Government tool used to build false trust
The AFP says the scammers are exploiting an unlikely tool to make their scheme look legitimate: ReportCyber, the government’s official cybercrime reporting platform.
By entering a victim’s email and phone number into ReportCyber, criminals can lodge a fake report and instantly receive a genuine case reference number.
They then quote that number back to the victim during their impersonated AFP call, urging them to check the ReportCyber website themselves — a tactic that convinces many they’ve genuinely been caught up in a data breach.
In reality, the scammer has simply filed a bogus cybercrime report to create a paper trail that looks authoritative.
“This appeared plausible because ReportCyber allows individuals to report cybercrime on behalf of victims,” AFP investigators said.
‘Sophisticated and calculated’
Andersson said the scam shows just how “sophisticated and calculated” cybercriminals have become in manipulating trust.
“These cybercriminals step through a process to verify the target’s personal information which may match common expectations,” she said.
“What’s more, because they move quickly from making the report to calling the target, they can create a sense of urgency.”
The AFP did not cite precisely how many victims had reported the scam, but cybercrime investigators detailed one real-life case to illustrate how it worked.
In this case, the victim received phone calls from both an AFP impersonator and someone pretending to be a representative of a cryptocurrency platform – both of whom cited ReportCyber reference numbers.
Police said “the target became suspicious and hung up” when they were asked to transfer their funds from an online wallet to a ‘Cold Storage’ account which was not connected to the internet.
Please, keep using ReportCyber
The AFP stressed the scam was uncovered because victims reported what happened — a positive sign, they said, of growing cyber awareness in the community.
Police emphasised that ReportCyber remains safe, urging Australians not to abandon the platform.
“Every cybercrime report helps police track offenders, build intelligence and stop others from being targeted,” Andersson said.
Her message was clear: if you’re contacted about a ReportCyber report you never made — or authorised someone else to make — hang up immediately and notify ReportCyber or call 1300CYBER1 (1300 292 371).
When asked whether the scam had prompted new security changes, the Australian Signals Directorate said ReportCyber “remains secure and operational”, adding that all Australians should stay alert to evolving scams.
