• Twitter
  • FaceBook

Security Forums

Log in

FAQ | Search | Usergroups | Profile | Register | RSS | Posting Guidelines | Recent Posts

"Mule" emails on the Rise

Users browsing this topic:0 Security Fans, 0 Stealth Security Fans
Registered Security Fans: None
Post new topic   Reply to topic   Printer-friendly version    Networking/Security Forums Index -> Physical Security and Social Engineering

View previous topic :: View next topic  
Author Message
Tom Bair
SF Boss
SF Boss

Joined: 10 Aug 2002
Posts: 16776955
Location: Portland, Oregon USA


PostPosted: Tue Dec 09, 2008 5:00 pm    Post subject: "Mule" emails on the Rise Reply with quote


SAN JOSE, Calif. (AP) - The worsening economy appears to be helping computer crooks with one of their toughest tasks: tricking people into opening their homes and bank accounts and becoming "mules" for laundering money or stolen goods.

The scams themselves aren't new. They're pitched in spam e-mails as "work-at-home" jobs that promise excellent part-time money for helping companies pay clients in other countries. The victims are asked to open new bank accounts in their names, agree to accept anonymous payments into those accounts, and forward those payments by way of money transfer, usually to locations in Eastern Europe.

The scam is classic money laundering with an Internet twist. The money is generally real, and the middle man is promised a cut. What those middle men may not know is they're trafficking in ill-gotten gains and helping criminals pay each other while disguising the source. And the mules are often the ones at the greatest risk of arrest.

Savvy computer users usually identify this as a scam. But security researchers say more people are willing to take a risk on the come-ons as unemployment rises and the volume of the mule e-mails increases.

"When people are scared of a job going away, or they're worried about having money to pay bills, they might look at something like this in a different light than when things are rosy and great," said David Marcus, McAfee Inc. (MFE)'s director of security research and communications.

The ads for these jobs are getting more convincing, but part of their allure is they are light enough on details that someone who wants to believe badly enough in easy money can convince themselves the messages are legitimate. The job titles offered in the spam generally include variants of "international sales representatives" or "shipping managers."

McAfee's annual "Virtual Criminology Report," which is set to be released Tuesday by the Internet security company, says 873 money-mule recruitment Web pages were detected in Britain in the first half of 2008, a 33 percent increase over the first half of 2007. That data was compiled by APACS, the United Kingdom's payment-industry trade group.

More evidence emerged from a recent study by Panda Security, a Spanish software vendor that found that job-related messages hit a new record of 0.31 percent of all spam in October, nearly triple the proportion from August. And the success rate in recruiting money mules rose to 1.8 percent in October, from 0.5 percent in August.

The company tracked those figures by partnering with another large security firm, which wasn't identified in its report, that was monitoring active mule networks. Panda Security looked at seven large money-mule operations in North America.

Computer attacks in general have sharply increased in the past few months.
IBM Corp. says the number of daily attacks it spotted against Web servers and computer networks increased 30 percent over the past four months, to more than 2.5 billion attempted incursions worldwide.

"Those are very scary numbers," said Gunter Ollmann, chief security researcher for IBM's X-Force security services team.

Pasted from <http://apnews.myway.com//article/20081209/D94V7F0G3.html>
Back to top
View user's profile Send private message Visit poster's website
SF Mod
SF Mod

Joined: 06 Oct 2004
Posts: 24
Location: Leeds, UK


PostPosted: Thu Dec 11, 2008 10:01 am    Post subject: Reply with quote

Here in the UK you see the same sort of "work from home" offers fly-posted on lamposts, put under windscreen wipers of cars in supermarket car parks and even posted by hand through letterboxes. Usually light on details, but those that give any information normally sound like money laundering mule recruitment.
Of course, some people may well know that what they are doing is illegal, but as long as they get paid and not caught, they don't care - the victims of the original crime (eg credit card fraud) are miles away. They reassure themselves that the only true victims are the banks and insurance companies, and that some Uncle in Idaho or single mom in Iowa will have been reimbursed for their folly. Even when people have got their money back (form their credit card issuer, for example), this only serves to push up bank rates, charges and insurance premiums for everyone.
These people who are prepared to "turn a blind eye" are no different from the guy who will happily buy a 32" flat screen TV from some shady character in a bar for a quarter of its high-street value. They know it must be stolen (from a lorry, a store, or someone's home) but they get a bargain and "no-one is really harmed".
If it sounds too good to be true - it's probably illegal and/or immoral.

Of course, all successful scams and social engineering rely on context to make them more plausible. At the moment the UPS invoice trojan emails are doing the rounds again with new variations. Presumably in the run-up to the Christmas season more and more people are sending things across the country and might fall for the line "we could not deliver the parcel you sent, print this off and call us to get your parcel back".
I expect to see more variants of this in the coming weeks - things like "we tried to deliver a parcel to you but you were out - print the attachment and bring it to your local collection depot", and the customs invoice type as well (as people buy things online from retailers abroad for that special gift, or from e-bayers around the world).
(Incidentally, apart from the UPS and customs ones, I have not seen variants 'from' any other courier companies. Should UPS take that as a compliment that their name is internationally known and trusted and worth abusing in this way?)
Back to top
View user's profile Send private message Visit poster's website
Display posts from previous:   

Post new topic   Reply to topic   Printer-friendly version    Networking/Security Forums Index -> Physical Security and Social Engineering All times are GMT + 2 Hours
Page 1 of 1

Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum

Community Area

Log in | Register