For a more recent article on money mules, read “How Cybercriminals Use Money Mule Accounts to Profit From Online Fraud.”

A money mule is someone who receives and transfers illegally acquired money on behalf of others. Money mules may or may not receive a commission in return for their involvement. They have played an important role in fraud and money laundering for decades. Some mules are aware that they are part of an illicit scheme, while others are unaware or merely suspect it. As new technologies and trends emerge, money mules and criminal organizations exploit systems to defraud people.

Visa Waiver Program

Recent trends are showing that money mule herders, people who specialize in recruiting and organizing mule activity, are starting to utilize the U.S. government’s Visa Waiver Program (VWP) for their illicit activities.

The VWP is an international agreement between 38 countries. The U.S. State Department states that it currently allows citizens of participating countries to travel to the United States without a visa for stays of 90 days or less if they meet certain requirements. Travelers must be eligible to use the VWP and have a valid Electronic System for Travel Authorization approval prior to travel. The VWP permits travel within the United States for purposes of tourism and certain business activities.

VWP mule activity has been observed in the past 12 to 18 months. The activity, to date, involves young adults from VWP countries being recruited to travel to the United States and open deposit accounts. Upon their arrival, the mules will open multiple bank accounts at various financial institutions in their true name and then provide the bank account information to their handlers.

The scheme usually involves an electric funds transfer deposit to the mule account, but it has also been used to deposit tax refund checks obtained through tax refund fraud schemes. The mules know that they are involved in an illicit scheme, but they don’t likely view what they are doing as illegal. Furthermore, they believe — or have been told — that they are beyond the reach of U.S. law enforcement once they are back in their home country.

Mobile Money Mules

Another potential emerging trend has to do with money mules and mobile devices. There is little if any data on this trend, though it is certainly on the rise.

The concept of the mobile money mule will make its way onto the landscape of fraud and money-laundering vectors over the next few years, for which financial institutions will need to account.

It is evident that consumers desire the ability to perform banking transactions on their mobile devices. A review of data about mobile banking adoption from the Federal Reserve Board found the following:

  • Thirty-three percent of all mobile owners and 51 percent of all smartphone owners have used mobile banking in the past year.
  • Twelve percent of mobile phone owners who are not using mobile banking now think that they will in the next year.
  • Ninety-three percent use mobile banking to check balances.
  • Fifty-seven percent use mobile banking to transfer money between accounts.
  • Thirty-eight percent have deposited a check in the past year, up from 21 percent in 2013.
  • Seventeen percent have used their phone to make a payment in the past year.
  • Sixty-six percent of the mobile payments were bill payments through an online banking system.

Recent history has shown that cybercriminals proficiently adapt and exploit new technologies and trends. As consumers increasingly adopt mobile banking technology, there will naturally be a demand to do more types of transactions from their mobile device. Financial institutions will strive to provide customers with the option to do everything via mobile that they can do now at a physical branch. The customer experience and lower cost of transactions will drive that expansion.

This technology will not likely change the money mule process; however, it may make it easier for criminal syndicates. They will have the ability to establish new accounts through the mobile channel rather than having the money mules physically go into a branch. This removes the potential detection of suspicious account openings through human interaction.

The ability to open accounts and direct all other transactions through the mobile channel will increase the velocity with which criminal groups may operate. This gives them more flexibility in the way they communicate and interact with their mules.

One may speculate that increased mobile transaction offerings may eliminate the need for criminal groups and mule herders to recruit money mules. If new accounts could be opened and all other transactions could be executed via mobile, why would a money mule be needed? Accounts could be opened in fake names with fake credentials as they are today, but from the mobile platform. Electronic fund transfers could be initiated out of the financial institution to a third party from a mobile device. The less human interaction that is needed, the more flexibility is provided to the criminal.

It is challenging to anticipate the ways in which mobile banking will enable criminal groups’ ability to commit fraud and launder money through the use of money mules. What is known, based on past evidence, is that they will adapt and exploit new technologies and services.

More from Fraud Protection

PixPirate: The Brazilian financial malware you can’t see

10 min read - Malicious software always aims to stay hidden, making itself invisible so the victims can’t detect it. The constantly mutating PixPirate malware has taken that strategy to a new extreme. PixPirate is a sophisticated financial remote access trojan (RAT) malware that heavily utilizes anti-research techniques. This malware’s infection vector is based on two malicious apps: a downloader and a droppee. Operating together, these two apps communicate with each other to execute the fraud. So far, IBM Trusteer researchers have observed this…

New Fakext malware targets Latin American banks

6 min read - This article was made possible thanks to contributions from Itzhak Chimino, Michael Gal and Liran Tiebloom. Browser extensions have become integral to our online experience. From productivity tools to entertainment add-ons, these small software modules offer customized features to suit individual preferences. Unfortunately, extensions can prove useful to malicious actors as well. Capitalizing on the favorable characteristics of an add-on, an attacker can leverage attributes like persistence, seamless installation, elevated privileges and unencrypted data exposure to distribute and operate banking…

From federation to fabric: IAM’s evolution

15 min read - In the modern day, we’ve come to expect that our various applications can share our identity information with one another. Most of our core systems federate seamlessly and bi-directionally. This means that you can quite easily register and log in to a given service with the user account from another service or even invert that process (technically possible, not always advisable). But what is the next step in our evolution towards greater interoperability between our applications, services and systems?Identity and…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today