Since the initial popularization of the Internet in the 1980’s, hackers have been trying to break into computer systems. In the beginning, it was more of an intellectual game for many hackers trying to prove themselves and earn credibility with other hackers.
In the late 1990’s and early 2000’s, ecommerce sites began cropping up and consumers began using credit cards online. It was at this point that cybercrime became more sinister.
According to a recent Secureworks report, in the past three years, ransomware has grown exponentially and now money mules are poised to be the new Internet hacking tool.
Here’s how money mules can hurt you without even knowing it.
A money mule (sometimes nicknamed a “smurfer”) is the final person in a series of criminals that take part in stealing money and then laundering it. Sometimes, the mule is not even aware that he or she is taking part in criminal activity.
They’re hired by a cyber criminal to act as a courier (either in real life or online) of stolen money from the crime victims to the original criminal’s account. Many of the mules are young people who are lured online to open dummy accounts. These accounts are then used to take in money from phishing scams and other online cons.
Unsuspecting money mules are often caught rather than the cybercriminals.
All the mule has to do is transfer the money from their account to that of their boss. In exchange, they get to keep a small percentage of the money transferred as a “handling fee.” What they may not realize is that they are taking part in money laundering and that, if caught, could face jail time. In fact, money mules tend be caught by the police more than the actual cyber criminal who sets them up.
The money mule scam is also coming into play with ransomware and other cybercrimes. A computer user downloads a piece of malware that locks and encrypts their data files and sends them a message that the files will be deleted if they do not pay the demanded ransom in the form of BitCoins.
The victim then pays the ransom, usually in BitCoin, which goes into a money mule’s account. The mule then transfers the money to the original hacker, making it more difficult for authorities to find determine where the money ultimately ends up.
Hackers use money mules to gather personal data used to transfer and launder money.
Another variation of this type of crime involves the money mule taking in data from the con victim. In this case, the victim is giving up information like bank account numbers, checking or credit card numbers, and even social security numbers, as part of the process of transferring money.
The mule creates a dossier from the data for the hacker to sell, at about $10 a pop on the dark web. It may seem like small change, but when multiplied by thousands of victims, selling stolen data becomes a major moneymaker for the hacker.
How to avoid becoming a money mule.
Many times, the money mule is just as much a victim as the person who is being conned. That’s why it’s important to protect yourself from being used as one. The U.S. Computer Readiness Team recommends being on the lookout for the following warning signs that you are being recruited as a mule:
- The job requires you to move money or goods
- The job requires you to open up multiple banking or wire service accounts
- The job does not have any specific descriptions or duties
- The job is with a company in a foreign country
- The job does not have any requirements for employment
- The job requires everything to be done online
- The job promises great financial rewards for little to no work
- The job is communicated by emails from web-based services and not a company’s domain name
- The job information is communicated in poorly written sentences that do not seem professional.
As cyber crime evolves and takes on new shapes, the criminals are becoming more and more innovative and are finding new ways to use others as a means of hiding their own crimes. Mules have been used for years to transfer illegal drugs. Now, we’re seeing a high-tech variation, but it is still criminal activity that entraps people.
INSUREtrust is committed to your online safety. For more information on how to keep you and your business from being targets of a cyber-attack, sign up for our newsletter full of helpful tips and processes for staying cyber secure.