Good News for Victims: Thai Authorities Move to Return 46 Million Baht After Huione Pay Scam Bust
Relief is finally on the way for victims of a transnational online scam tied to the Huione Pay network. On 26 January 2026 at 3:39 pm, the Cyber Crime Investigation Bureau formally handed over 46,181,000 baht in seized assets to the Anti‑Money Laundering Office (AMLO). The transfer — performed at the Crime Suppression Division headquarters in Bangkok — marks a major step toward returning stolen funds to people who fell prey to a sophisticated mobile-app fraud ring.
Senior officials from both agencies were on hand at a press briefing to confirm the handover and walk victims through the compensation process. The funds were confiscated as part of Operation SKYFALL, a probe launched in August 2025 that zeroed in on a scam network operating through a mobile application and laundering proceeds via Huione Pay.
How the Scheme Worked
Investigators say the perpetrators created two shell companies to open multiple Thai bank accounts under false identities. A Thai woman was recruited as an accountant to register the companies and set up accounts — basically acting as the administrative linchpin for the operation. In return for payment, she provided account details and handed over SIM cards used to receive one‑time passwords (OTPs), which are critical for confirming bank transactions.
Those accounts and SIM cards were later transferred to the criminal syndicate, which used them to funnel and cash out funds generated by the scam. Police were eventually able to trace transactional trails, obtain arrest warrants, and make arrests: the accountant was detained in Huai Khwang, Bangkok, while a Chinese suspect was intercepted at Suvarnabhumi Airport as he attempted to re‑enter Thailand. Additional suspects remain under investigation.
Assets Frozen, Victims Eligible for Restitution
Following the arrests, the Anti‑Money Laundering Office froze and seized 31 assets tied to the operation. The total value of those assets equals the 46,181,000 baht now slated for redistribution to victims. Most of the assets were funds held in domestic bank accounts linked to the Huione Pay laundering scheme. Details of the seized accounts have been published in the Royal Gazette, a required step to formalize the confiscation and notify interested parties.
How Victims Can Claim Compensation
If you believe you were defrauded by this network, take note: victims have 90 days from the official announcement to submit compensation claims. The deadline is 17 March 2026. The Anti‑Money Laundering Office has made the process accessible with three submission options:
- In person: Visit any AMLO office to file your claim directly;
- By post: Send documentation via Thailand Post to the designated office;
- Online: File a claim through the AMLO website.
Make sure you gather all relevant proof — bank statements, transaction IDs, screenshots of conversations or app activity, and any correspondence with the alleged scammers. The published Royal Gazette notice lists the frozen accounts and provides official verification useful for claim submissions.
What This Bust Means — And What You Can Do
This operation showcases how quickly transnational scams can multiply when fraudsters combine fake corporate structures, coerced or paid insiders, and modern mobile payment platforms like Huione Pay. It also demonstrates that coordinated action between cybercrime units and anti‑money laundering agencies can recover substantial sums and deliver justice.
If there’s a positive takeaway, it’s that recovered funds are being returned rather than disappearing into the void. Still, prevention remains the best cure. A few practical tips to reduce your risk:
- Guard your OTPs and never share SMS codes, even if someone claims to be from your bank;
- Be skeptical of unsolicited app prompts or messages that ask you to transfer money or install unfamiliar payment apps;
- Check company registration details when dealing with online investment platforms or payment services; fake company documents can look convincing but often contain subtle inconsistencies;
- If you suspect fraud, report it immediately to the Cyber Crime Investigation Bureau and AMLO, and alert your bank so they can monitor or freeze suspicious transfers.
The case was initially reported by Khaosod, drawing on statements from investigators and anti‑money‑laundering officials. As Operation SKYFALL continues to unfold, more details and potentially more recovered assets may come to light. For victims and anyone tracking the story, keep an eye on official announcements from the AMLO and public notices in the Royal Gazette.
If you think you may be affected, don’t wait — gather your documentation and submit a compensation claim before 17 March 2026. This recovery is a rare win in the ongoing fight against sophisticated digital fraud, and it’s the first step toward making victims whole again.
Great to hear AMLO recovered funds, but the claim process must be transparent and quick. Victims need clear guidance and protection of their personal data when they submit proofs. Don’t let bureaucracy slow this down — the 17 March deadline is coming fast.
I agree, transparency is key, but also make sure small victims get prioritized. Many people won’t know how to compile the right documents. AMLO should run clinics to help folks file claims.
Clinics are fine, but will AMLO actually validate claims fairly or just rubber-stamp some cases? I lost wages to a scam like this and I’m wary.
AMLO has a legal framework, but civil society must monitor outcomes, and victims should insist on receipts and public reporting of distributions.
Sounds good in the headline, but is 46 million enough considering how many were scammed? This feels like a drop in the bucket. Also, why did it take so long since August 2025?
Investigations take time, especially transnational ones with shell companies and cross-border actors. Still, you’re right to ask for accountability on speed and scope of asset recovery. The Royal Gazette publication is a necessary legal step, but not a communication triumph.
I get the complexity, but victims need communication, not legalese. Posting a long Royal Gazette notice isn’t the same as helping someone who lost their life savings.
I was scammed via a fake investment app and barely sleep. I hope AMLO really returns what they seized. Filing claims from a small town is scary though.
This is so unfair, grown-ups should stop falling for these apps.
As a forensic accountant, I can say tracing funds is painstaking but possible if banks cooperate and transaction metadata is preserved. Victims should collect transaction IDs, timestamps, and any app-generated receipts. Legal representation can help aggregate claims when multiple victims share the same criminal trail.
Thank you, I will try to get my bank statements and screenshots together this week.
Banks should be blamed too — how do so many accounts get opened with fake IDs and OTPs? This is a systemic failure of KYC. Punish bank employees who facilitate this negligence.
Banks must improve KYC and SIM swap monitoring, but criminal networks exploit loopholes and corrupt insiders. Regulators need to enforce penalties and require stronger authentication beyond SMS. Two-factor auth via app-based tokens or hardware keys would reduce this attack surface.
Stronger auth is obvious, but enforcement is the sticking point. If employees are complicit, fines alone won’t stop it — criminal charges should apply.
This is a rare win — recovered funds being returned is better than nothing. Give credit to the investigators for Operation SKYFALL. Now victims must act fast before March 17.
I’m happy too, but I worry about data privacy; victims handing over bank statements may expose them to identity theft. AMLO should guarantee secure handling of documents.
Good point, AMLO needs strict data protections in their claim system.
Technical note: SMS OTPs are insecure because of SIM swap attacks and social engineering. Apps should use app-based authenticators and biometric checks tied to device integrity. Policymakers should mandate multi-modal authentication for money movement.
Can regular people switch to app authenticators easily? My grandma only uses SMS. This sounds like it will leave the elderly behind.
Banks and apps should provide assisted migration paths for less tech-savvy users, including in-branch setup and alternatives like token devices. Education campaigns are crucial.
From a legal perspective, the publication in the Royal Gazette is a meaningful procedural step that safeguards due process. Victims should still prepare to substantiate loss under AML claim rules, and defense counsel for accused parties will likely contest some seizures. This will be a useful precedent for asset-restitution in cyber-enabled fraud cases.
So could some assets be returned to suspects if courts find procedural errors? That would be awful for victims. Clarity on appeals is needed.
Yes, assets can be subject to appeal, which is why transparency and careful documentation are vital. AMLO should publish criteria and timelines for distribution to reduce disputes.
This smells like a cover-up where officials recover just enough to look good. What guarantee do we have that bigger players aren’t protected? I’m cynical but not naïve.
As someone in law enforcement, I resent conspiratorial takes; coordinated ops take months of evidence gathering. That said, vigilance and oversight are necessary to maintain public trust. Independent audits of distributions would help.
We welcome oversight and will work with prosecutors to ensure lawful returns to victims. Transparency isn’t optional for credible enforcement.
I hear you, but until I see publicly available audit reports I’ll remain skeptical.
17 March deadline — mark it. If you were scammed, don’t wait and risk losing your chance. Post offices and online filings are both options so there’s no excuse.
I lost my business capital to a similar app last year and AMLO never answered my calls. I hope this time results are different. Victims need a hotline and case numbers.
Victims should demand written case numbers and insist on a tracking system for claims; lawyers can compile group claims which may be more efficient. Also check if AMLO provides provisional compensation pending final asset adjudication.
Thanks, I’ll ask about group claims and try to find others in my area.
How exactly do we file online — is the AMLO site user-friendly and secure? I don’t trust uploading my bank PDFs unless the portal uses encryption and confirmation receipts.
AMLO states the online portal uses encrypted upload and issues confirmation emails with tracking numbers. If you’re unsure, file in person at an office or send certified mail and keep copies. Always redact nonessential personal details except those required for verification.
Good to know, I’ll try the portal but will keep certified mail as backup.
Beyond OTPs, regulators should mandate independent app audits before listing on popular app stores. Fake payment apps get traction fast, and app vetting can help block harmful services early. Public-private cooperation in threat intel sharing would speed takedowns.
App audits cost money and time — who pays for these checks and how do we avoid stifling small legitimate startups?
A tiered approach can work: critical money-handling apps face stricter audits and fees might be scaled to company size; regulators can subsidize audits for small firms initially to ensure compliance.