BANGKOK– Thailand’s Immigration Police have arrested a 50-year-old British man from Northern Ireland after a manhunt that lasted more than two years. Officials identified him only as Josh in early reports. Officers detained him at a hotel in Bangkok’s On Nut neighborhood on Thursday after focused surveillance.
Investigators link the arrest to alleged credit card hacking that caused about 1.7 million baht in damage, with total losses reported at close to 2 million baht. Police described the case as a well-planned cyber fraud scheme aimed at online payment systems.
Immigration Bureau Commissioner Pol Lt Gen Phanumas Boonyalak ordered Immigration Division 1 to carry out the operation. Officers followed intelligence leads and kept the suspect under watch after he avoided arrest since a warrant was issued more than two years ago.
Authorities found Josh staying in temporary lodging in On Nut, a busy area in eastern Bangkok, and took him into custody without a struggle. Police said he tried to stay hidden by using false passport information during hotel check-ins. He also allegedly had different Thai women book rooms for him to reduce attention.
The case shows how hard it can be to track foreign suspects tied to cybercrime, especially when they use local contacts and gaps in visa checks to keep moving.
Alleged Hacking and Unauthorized Transfers
Police said Josh targeted a major online payment gateway, a system that processes digital transactions. Over 11 incidents, investigators believe he broke into the platform and moved money into accounts he controlled.
The company affected by the breaches reported the activity to theThong Lor Police Station, which launched the investigation. Police later gathered evidence that pointed to repeated, intentional unauthorized access.
Investigators said the suspect used weak points in the system to upload forged data, enter false information that caused harm, and access protected parts of the platform without permission. Authorities said this pattern matches cyber fraud methods seen more often across Southeast Asia, where criminals go after digital finance systems for fast payouts.
Charges and Next Steps
Josh faces several charges under Thailand’s Computer Crime Act and related fraud laws. Police wanted him under a warrant issued by the Bangkok South Kwaeng Court (Bangkok South Criminal Court).
Key allegations include:
- Fraud, involving deception to obtain money or other benefits
- Importing forged or falsified computer data into a computer system
- Entering false computer data that could cause damage to others
- Unauthorized access to computer systems protected by security measures
Thai law allows tough penalties for these offenses, especially when losses are high or when acts are repeated over time. After the arrest, officers held the suspect for processing and additional questioning. Authorities said they will hand him over to investigators for the next stage of prosecution.
Officials also said Immigration Police often work with local police stations and cybercrime units in cases involving foreign suspects who hide in Thailand.
What This Means for Cybercrime Enforcement in Thailand
The arrest comes as Thailand increases enforcement against hacking, phishing, and online fraud. Police have stepped up efforts to break up groups that take advantage of growing online commerce.
Cases like this also highlight risks inside online payment gateways and the need for stronger cross-border cooperation, since cybercrime rarely stays within one country. Police believe the suspect avoided capture for years by blending into expat circles and using other people to rent rooms.
Authorities said steady surveillance and careful intelligence work led to the arrest. They also said the investigation will continue, including checks for possible partners and any money laundering routes tied to the stolen funds.
Josh remains in custody while court proceedings move forward. Officials have not shared more details about his background or any past cases outside Thailand. Police asked anyone with information about similar cyber fraud activity to contact authorities.





