After a long search, a 57-year-old man from Yokohama, Japan, was thrilled to finally have a new job. Unemployed since 2012, he had sent out more than 400 résumés before receiving his dream position: a work-from-home job with a generous salary. His first assignment was to complete a simple written survey. However, his second assignment was much different. He was asked to transfer money to Russia via Western Union. Although he found the request odd, he didn't question it because he didn't want to lose his job. Three wire transfers later, the police came to his house and told him he was a "money mule." The funds he'd transferred had been stolen from various local bank accounts. (See
Cyber Wars/Job-seeker turned into 'money mule,' by Yomiuri Shimbun, AsiaOne News Network, Jan. 3, 2014.)
Stories like these are becoming more common around the world everyday, and so it's critical for fraud examiners to recognize the profile of known money mules to aid their investigations.
What's a money mule?
A money mule is a person who's used in a criminal operation to transport and launder stolen money, according to the
United States Computer Emergency Readiness Team (US-CERT). The term is a derivation of "drug mule," which is a person who transports illegal substances over a border.
Victims of money mule scams include individuals, businesses and financial institutions.
Criminals, often who have gained illegal access to business or consumer bank accounts, tend to recruit money mules via phishing emails. According to the
Federal Deposit Insurance Corporation (FDIC), phishing is the act of "fishing for confidential information" during a scam in which a criminal obtains a victim's personal or financial information via fraudulent means.
The FDIC gives typical steps in the phishing process. A consumer will receive an email supposedly from a trusted source (i.e., their bank, the government) requesting personally identifiable information (PII); the email will include a link at which the consumer is asked to provide that PII. But when consumers click the links in the emails, they're instead taken to fraudulent websites where they provide their PII, which cybercriminals steal.
Fraudsters also hire money mules via work-from-home scam ads (such as the victim in the opening case) and task them with money laundering, which they disguise as job duties.
For full access to story, members may sign in here.
Not a member? Click here to Join Now.