Do you feel safe online? Keep yourself up-to-date with online security and PC performance with the ParetoLogic Online Safety and ParetoLogic Performance Solutions. These monthly publications, delivered by email, are chockfull of interesting news stories, tips for protecting yourself online, ways to make your PC faster and more stable, and product information.
Sign up now for free.
Want to get up to speed and be more secure? Past editions of the ParetoLogic Online Safety and ParetoLogic Performance Solutions email newsletters are filled with interesting stories and great tips to enhance your computing experience and improve your PC's performance and optimization. Now you can check out past issues through our archives and never miss another edition!
While cybercriminals utilize technology to loot bank accounts, they rely on real flesh and blood to get them the cash.
Money mules – who transfer stolen money to their bosses – are an integral part of high tech crime. They are the ones who do the risky, dirty work, while the ringleaders hide behind computer terminals, often an ocean away. The money mules seem to come from various walks of life and some might be unwitting pawns in cybercrime operations.
There is no question though that these mules help cybercriminals make a lot of money. In August, hackers took about $680,000 over two days from the Catholic Diocese in Des Moines, Iowa, according to a Nov. 22 Associated Press story. The article explained that in September the U.S.'s Federal Bureau of Investigation and associated agencies brought down a ring they first learned about in May of 2009. Since then, the investigation into what has been called Operation Trident Breach has revealed losses of more than $14 million – mostly from individuals, and small and medium-sized businesses.
So, how does it all work? It often starts with someone receiving an email. These could be from a company manager or someone else who might send an email to a large group of people. Or, in what is called a phishing scheme, these emails could appear to be from a trusted institution, such as a bank, the IRS, or an often used company like UPS.
In some scenarios, clicking on the link in the message takes the user to a page where they are asked to enter in confidential information, such as banking or credit card numbers. In other situations, by clicking in the email, the user downloads a Trojan horse infection. Once installed, this malware collects log-ins, passwords and account numbers and sends it all to its master.
Cyberthieves use this info to loot accounts. They transfer the funds into shell bank accounts set up by the money mules. After the money comes in, the mules withdraw or transfer it. They do so in small amounts in an attempt to avoid attracting the attention of banks and the police. Although it varies, money mules usually keep about eight to 10 per cent of the money, according to the AP article.
Whether or not the money mules are aware they are committing a crime seems to vary, according to various accounts. Mules are often recruited via work-at-home job ads on popular job search websites, according to blogger Brian Krebs of Krebs on Security. The ads used and the work-at-home recruiting sites often appear legitimate. In a Sept. 13 posting, Krebs described a site that utilized video to explain the process, showed many photos of "employees" (stolen from other sites) and even had an Agent Awards section.
Applicants are told they are acting as agents for an international finance company. They are instructed that the clients, for various reasons, cannot move payments overseas in a timely fashion so the agents are there to help.
In a Jan. 13 posting, Krebs told the story of a 65-year-old female money mule from Von Omy, Texas. She withdrew $9,099 from her account and wired it to three different accounts in Eastern Europe. For her work, after paying the transfer fees, she received $500.
"I'm a senior citizen on a fixed income, and I hate to say it, but I did make some good money," the woman, speaking on condition of anonymity, told Krebs. "I knew it was too good to be true after making that doggone much money in one day, but it helped me out a lot."
Sometimes the money mules are quite young. The AP article stated that it is not unusual for recruiters to seek Eastern European students that have U.S. visas.
The majority of the reported money mules' work appears to be done in the United States. However, their bosses are often more safely located in overseas, especially in Eastern Europe.
Usually the mules must walk into banks in plain sight and open up accounts. To do so, they might even use their own identification. However, some mules use false information and are prolific.
The FBI alleges one immigrant from Moldova opened at least six bank accounts using three names, according to the AP story. Another, from Russia, reportedly opened eight accounts at three different banks using five aliases.
In May of this year, the FBI announced it will be prosecuting money mules.
"We want to make sure the public understands this is illegal activity and one of the best ways we can think of to give that message is to have some prosecutions," Patrick Carney, acting chief of the FBI's cyber criminal section said in a May 11 Krebs on Security article. "We realize it's not going to make the problem go away, but it should help raise awareness and send a signal."
Each month ParetoLogic features one of its sophisticated powerful software products for you to try and enjoy!
To learn more about this month's featured product, click on the buttons below; they will allow you to download the product, explain how to download the product or let you view an informative video about this exciting solution.