Categories

Money Mules, If it looks too good to be true…

It is a sad state of affairs, but email is still a viable attack vector for the bad guys, and today I wanted to touch on the “fabulous job opportunities” that sometimes arrive in you email inbox.

Mule

We know one of the things that malicious actors try to get, when they infect computers with their malware, is credentials, more specifically banking credentials.

This begs the question,  what do they do once they have these credentials?

In the past, cyber criminals tried to transfer money directly out of the victim’s bank account and into a one that they controlled.

There are distinct disadvantages to this method, as this leaves a clearly visible paper trail and financial institutions soon started to implement fraud detection flags. If the bank saw Grandma, transferring her life savings to a bank in Romania, they started treating that as a red flag for fraud.

Enter the “money mule”.

A money mule is a person who is local to the compromised account, who can receive money transfers with a lesser chance of alerting the banking authorities.

These money mule retrieve the funds and transfer them to the cyber criminal.

When the victims financial institution investigates the fraud, they can retrace the funds only up to the money mule, who is left holding the bag, and faces criminal charges, while the cyber criminal, residing in a different country, under a different jurisdiction, gets away scot-free.

This would still seem like a fair outcome if the money mule had entered into this proposition knowing what was at stake. Most often they are victims themselves, having been duped into believing that the money transfers were performed as part of a legitimate work at home business.

After the muling is up, they are often victims of identity theft as well.

The money mule recruiters are a crafty bunch, and here are some of the tricks they will use:

  • They send job pitch emails, pertaining to be from online job search websites such as Workopolis.com, Monster.com, and jobs.com. Although not fool proof, checking the “from” field in emails is always advised.
  • A potential employer will never be sending emails from a webmail client. Recruiters will never use an address such as yahoo, hotmail, or g-mail.
  • Also ask yourself, are you presently looking for employment, have you recently used the sites that the recruiter is using in this correspondence?
  • Both the examples I provided have pages describing such fraud.

http://www.workopolis.com/content/about/security

http://inside.monster.com/money-laundering/inside2.aspx

The Job Pitches sometimes have typo’s.

  • Legitimate job offers will almost never have typographical errors.

While the common wisdom has been that as the job application questionnaires, supporting websites, and employment contracts used by fraudsters contain typos as they are fakes, and shoddily constructed, some have postulated that these errors are intentional.

This assumes that the potential victim who cannot recognize something is amiss, by the presence of typographical errors, will make an even easier mark.

If you coincidently happen to be seeking employment when you receive these job offers, here are some positions that should raise suspicions:

  • Financial Manager
  • Private Financial Receiver
  • Financial Agent
  • Private Financial Broker

All of the “positions” have one thing in common. They require you to use your personal banking account to conduct business. This should be a huge red flag.

A legitimate employer will never ask you to use your personal bank account as part of your employment.

The job involves money transfer business. (Western Union, Cash Sender, MoneyGram, etc)

  • Any employment that involves money transferring services should also be a huge red flag. While money transferring services such as Western Union are not illegal in of themselves, a business that relies on such a service for the employee to retransmit funds is almost certainly fraudulent.

Businessman wearing a dunce hat

Spotting that your potential employer is fraudulent is increasing in difficulty as we are seeing turnkey money mule recruitment websites templates that are offered on criminal forums.

We have heard of lengthy phone interviews, and legitimate looking questionnaires, all designed to reinforce the illusion that the employment offer is genuine.

Here are the key points to take away:

Unsolicited job offers, coming via emails will not end well.

Offers that require you to use money transferring services will also not end well.

If it looks too good to be true, it probably is.


  • https://www.facebook.com/pink.jellybeans Pink Jellybeans

    Please add romance scammers to this list of money mule warnings. Gangs of west African criminals work round the clock to befriend and romance victims with the sole intent of taking their money and/or turning them into money mules. Being fooled by a fake job offer is one thing, but being recruited by someone who claims to love you (while pretending to be a nice looking westerner) has limitless possibilities for these scammers to abuse their victims. Not only do they launder incredibly large sums of money but they steal millions of dollars in merchandise and electronics by way of unsuspecting mules. Bottom line rule is: Never send money or merchandise to an internet ‘relationship’ you have never met face to face. Phone calls and even web cam chats don’t count as they are often faked.

Subscribe to our YouTube Channel