Cybercriminals are taking advantage of the COVID-19 pandemic, to lure laid-off individuals seeking jobs or working remotely. These cyber crooks have been targeting this specific class of people to work for them as money mules.
Money mules are used for money laundering which is the common terminology used to describe individuals that transfer illegal money on behalf of the criminals via various means, such as a courier service, electronic transfer, or even physically delivering the money to an address or individual. They are often recruited via online job websites, dating websites, spam emails or social platforms. Scammers may also compromise employers’ websites to search millions of resumes and determine the targets.
Money mules can be categorized into three main groups:
Pharma Hacks can be tricky to discover because the hack is not visible to the website owner. The only way to view these are through search engines when a user is looking for specific drugs. Hackers target sites that rank high and have a massive amount of traffic for better earnings prospects.
Key indicators that a site has been infected with the hack would include an unusual decrease or increase in traffic for no apparent reason. Google might remove your site from the search results for suspicious behavior. To help identify those scams you can use a security plugin to scan your site or opt for a manual scan which could be more challenging.
Common WordPress Vulnerabilities
Unwitting: Individuals who are unaware of being a part of the scam Witting: Individuals who did not pay attention to the red flags and choose to continue the process of transferring money Complicit: Individuals who have full awareness of being money mules
Many times unaware people also fall prey to such scammers who lure the target individual against a fee to open an account and later operate that account on the target’s behalf using his/her online banking credentials.
In the cycle of Money laundering, money mules play three roles. Firstly, placement which is the process of transferring funds to money mule’s bank account. Secondly, layering is the process of moving money into different bank accounts among money mules and criminals. There is a possibility during this phase the money being split into multiple transactions to avoid being traced. Lastly, integration, in this stage funds are reintroduced into the legitimate economy, appearing to have originated from a legitimate source and then the funds transferred back to the financial system of the scammers.
The detection process (KYC-Know your customer) for money mules in banks is becoming complicated nowadays due to the rapid growth of Fintech. Since opening accounts and registration processes are made easier by machine learning and biometric solutions, it is challenging to deploy systems that can assess and analyze suspicious behavior as opposed to a trained human who would have better reasoning.
The focus must shift from waiting until the funds have left a suspicious account to focusing on funds entering accounts to detect mule accounts. Individual banks internally need to focus on capturing mule accounts, but sadly it is not taken seriously by many.