This Week in Fraud (4/28)

Hello Fraud Fighters!

This week, the US government named names at a Myanmar pig-butchering factory, and the evidence haul from 9,500 seized devices is about to rewrite what we know about how these operations actually run.

Also: the Fed quietly launches something that should make real-time payment fraud a lot harder to pull off, Experian puts 80 AI models to work on APP fraud in the UK, and airline booking fraud data reveals that Brasília has become, improbably, the fraud capital of the skies.

Let's get into it.

Nick

The Justice Department's Scam Center Strike Force this week unsealed criminal complaints against two Chinese nationals, Huang Xingshan and Jiang Wen Jie, for managing Shunda Park, an industrial-scale cryptocurrency investment fraud compound in Karen State, Myanmar. The charges are wire fraud conspiracy. Both men are currently in Thai custody on immigration charges after being arrested trying to transit back into Myanmar earlier this year, and the DOJ is pursuing extradition. Neither has been convicted.

The Shunda compound ran from at least January 2025 until November 2025, when it was seized by the Karen National Liberation Army, one of the armed factions in Myanmar's ongoing civil war. At that point, FBI agents deployed to Thailand gained access to the wreckage: more than 8,000 phones and 1,500 computers recovered from the site. Workers inside were trafficked individuals, held against their will and forced to run pig-butchering scams (the romance-to-crypto-investment con) under threat of violence. An FBI affidavit describes beatings, electrocutions, and murder. One scammer defrauded a single American victim of $3 million. After the seizure, Huang and Jiang relocated to Cambodia to start again. They tried to return through Thailand but were arrested.

What makes this week's announcement more than just another indictment is the scale of the simultaneous Strike Force action around it. The DOJ also seized 503 fake investment websites, took down a Telegram recruitment channel with more than 6,000 followers that was luring workers with promises of high-paying jobs in Cambodia, and confirmed that cryptocurrency linked to these schemes worth $701.96 million has now been restrained. Operation Level Up, the FBI/Secret Service initiative that proactively identifies and notifies cryptocurrency fraud victims, has now contacted 8,935 people, with 77% of them unaware they were being scammed at the time. The estimated amount saved is $562 million. Ninety-three victims were referred for suicide intervention.

The Shunda data haul is the real story here. Nearly 10,000 devices recovered from a single compound means the FBI now has an unprecedented intelligence window into how these operations are structured, how workers are recruited and trafficked, how fraud targets are set and enforced, how proceeds are moved, and who sits where in the hierarchy. The State Department simultaneously announced a $10 million reward for information related to the Tai Chang compound, another Karen State operation, which suggests the Strike Force already has a specific next target in mind.

The so what for financial institutions: pig-butchering is not a consumer education problem. It is a coordinated network with management layers, financial infrastructure, and logistics, and it is generating $16 billion a year in losses from US victims alone according to the Strike Force. The Shunda devices will likely produce transaction pattern data, mule account structures, and money movement signatures that should flow into shared intelligence frameworks. Fraud teams should be watching for what FinCEN and the FATF publish in the next six to twelve months as a result.

Starting April 28, FedNow participants (banks, credit unions, and service providers) will be able to access a new network intelligence API that delivers receiver account-level data before a transaction is sent. We're talking real-time visibility into the volume and value of recent activity on the receiving account, pulled directly from the FedNow network and layered on top of whatever risk data an institution already holds.

Jack Henry & Associates tested it during development and reported meaningful enrichment of transaction data before fraud review. FedNow CEO Nick Stanescu frames it as complementary intelligence, not a replacement for existing controls. The problem with real-time payments fraud has always been the asymmetry: the payment settles in seconds, but the risk decision was built for a world where you had overnight batch windows to think about it. Receiver-side network data, delivered in-session, is a meaningful step toward closing that gap.

Experian has gone live in the UK with Transaction Forensics, a new fraud and financial crime detection product built in partnership with Resistant AI — the behavioral analytics firm Experian invested in last July. The product draws on more than 80 AI models, combining Resistant AI's transaction and behavioral signals with Experian's consumer and commercial data. It covers Faster Payments, BACS, and CHAPS, and addresses APP fraud, money mule activity, and money laundering at the transaction, customer, or company level.

The pilot numbers are promising: 200% uplift in authorized push payment fraud detection, 80% reduction in false positives, and 50% drop in total alert volume. That last figure matters as much as the first: alert fatigue is a real operational problem, and anything that reduces noise without reducing signal is genuinely useful. FCA guidance requires clarify when AI is used in fraud detection, and Experian says the product is designed with that in mind. First product from the partnership; more are reportedly in the pipeline for 2026.

Accertify published its Global Air Travel Fraud Report for Q1 2026, based on analysis of more than 180 million airline booking transactions across 594 departure cities. Brasília tops the global fraud rate chart at 4.37%, up 376% year-over-year, with Tunis a close second at 4.36% and São Paulo third at 3.61%. Five of the top 11 highest-fraud departure cities globally are in Brazil.

US departure cities sit well below 1% even at high-volume hubs, Fresno leads the US at 0.25%. Australia is cleaner still, with Sydney at 0.12%. Accertify is clear that these figures represent prevented fraud (transactions denied before travel occurred) not losses. So what you're looking at is where fraud prevention systems are working hardest, which is a proxy for where fraud pressure is most concentrated. The Brazil spike in particular, up nearly fourfold in a year across multiple cities, suggests an organized shift in targeting rather than random variation. For travel-adjacent fintechs, payment processors handling airline merchants, and anyone running chargeback risk on international routes, the Latin America and North Africa numbers deserve a close look.

FATF published its 2026 Mutual Evaluation of Italy this week and the overall picture is broadly positive but with some pointed gaps. The report acknowledges a strong legal and institutional framework, significant prosecutions and asset confiscation particularly around organized crime, and solid analysis from Italy's financial intelligence unit. What it flags: sanctions applied for money laundering are on the lower end relative to the severity of Italy's organized crime exposure, and simpler, lower-value terrorist financing cases are not being prosecuted. Italy now has a three-year roadmap to address the gaps, with the implicit threat of more public scrutiny if progress stalls.

The organized crime dimension is the live wire here. FATF explicitly warns of a "high risk of organized crime" from both domestic mafia-type organizations and international criminal groups, and Italy sits at the intersection of significant money flows from exactly the kind of Southeast Asian fraud networks covered above. For compliance teams at European financial institutions with Italy exposure, this is a useful calibration: the legal framework is sound, but enforcement intensity on lower-end ML activity may not match what you'd expect from the framework on paper.

This Week in Fraud is a publication for fintech operators, fraud teams, and risk professionals. Have a tip or story? Drop Nick Holland a note at [email protected]