In the recent days, we have seen many emails claiming to be from your bank and asking you to provide the user name, password, ATM Number PIN etc… First of all let me emphasize the fact that these are fake emails. Banks or any other responsible companies will never ask for these details of yours for any reason.
Let me reiterate that never ever respond to such emails. Do not click on the links in these emails as this will lead to fake sites. Entering your online banking username and password to these fake sites will make an attacker to take control of your account and withdraw all the money you have in your account. This scam is normally known as Phishing
I will post another post on the phishing later. In this post, I would like to emphasize the money mule scam which is the hidden side of the phishing.
Extract from Wikipedia about money mules
“Money mule is a person who transfers money and reships high value goods that have been fraudulently obtained in one country, usually via the internet, to another country, usually where the perpetrator of the fraud lives.
The need for money mules arises because while a criminal in a developing country can obtain the credit card numbers, bank account numbers, passwords and other financial details of a victim living in the first world via the internet through techniques such as malware and phishing, turning those details into money usable in the criminal’s own country can be difficult. Many businesses will refuse to transfer money or ship goods to certain countries where there is a high likelihood that the transaction is fraudulent. The criminal therefore recruits a money mule in the victim’s country who will receive money transfers and merchandise and resend them to the criminal in return for a commission”
There are various stages where people are recruited as money mules
First stage is to advertise the job vacancies, usually the work from home scheme. The advertisements will appear in major employment portals and job sites as well as free classifieds sites offering stay at home positions such as financial representative, Fund manager, regional assistant etc… Occasionally these recruitment drive will have well defined company websites which will boost the trust of the person applying for these kind of jobs.
Typical responsibilities of a mule is to transfer the money which is coming into his/her account to an account of the so called company. The mule might have been informed that these transactions are genuine transactions and to fast track these transaction the company needs a financial representative.
Below is a sample email of a typical mule recruitment
We are a small Software Development Company. The company based in Ukraine but at this time we open new office in Bulgaria. We.ve earned ourselves a reputation of a reliable and trustworthy partner working successfully with a number of West European and North American copmanies and providing them with reliable softwaredevelopment services in financial, telecom and media sectors.
Unfortunately we are currently facing some difficulties with receiving payments for our services. It usually takes us 10-30 days to receive a payment from your country and such delays are harmful to uor business.We do not have so much time to accept every wire transfer and we can’t accept cashier.s checks or money orders as well. That.s why we are currently looking for partners in your country to help us accept and process these payments faster.If you are looking for a chance to make an additional profit you can become our representative in your country. As our representative you will receive 8% of every deal we conduct. Your job will be accepting funds in the form of wire transfers and check payments and forwarding them to us. ……
Looking forward to hearing from you.
Director of Electronics
How true it is; isn’t it?
So the end to end actions are like this. Attacker gets a users online banking account using phishing or viruses. Then they recruit the money mules and gets the bank account details of the mule. Once it is done, then they will use the online banking details of the user obtained through phishing (not the mule) to login to the banking site and transfer the money to Mule’s account. Mule believes it as the financial transaction from the parent companies customer and transfers the money after deducting the commission normally through western union or similar service.
So far everything is cool. Now the real problem happens for the mule. The bank’s customer who lost the money registers the compliant with the banks / police. Investigation will show that the money is transferred to the Mule’s account. Mule is caught and asked to pay the money back in full and/or face legal consequences.
This post is gone beyond the length what I have thought, so let me stop here.
The three things you should remember and if possible follow are given below.
- Never ever click through some links in email to access your online banking
- Always be cautious about the additional income jobs and never be a carrier for the money.
- Always run an antivirus on your PC and update it.