For a more recent article on money mules, read “How Cybercriminals Use Money Mule Accounts to Profit From Online Fraud.”

If “money makes the world go ’round” (according to “Cabaret”), then money mules make the fraud economy go ’round. A valuable asset in the world of fraudulent activities, money mules enable cyber criminals to cash out stolen money. After cyber criminals take over a victim’s account, they enlist the help of a third person — a mule — to retrieve the money and send it to them in an untraceable manner.

The Money Mule

Typically, criminals manipulate a money mule into receiving money from a victim’s account and transferring the money to the criminal using a payment service, such as Western Union or MoneyGram. To do so, fraudsters set up fake company websites that they use to recruit “financial managers” to manage the firm’s funds. The financial manager’s “job” is to receive payments from the company’s clients and then forward the payments (save a 2 to 10 percent commission) to company managers via a payment service. This tactic is the first lesson in Money Laundering 101.

Bogus websites that are used as fronts for recruiting money mules have been around for many years. The security team at IBM recently identified a Russian forum member who took the liberty of perfecting this scam and is now offering a universal money mule recruitment site kit.

The forum member offers a complete mule recruitment template package, including a back-end administration system, website template, spam e-mail templates, mule correspondence templates and more. The entire package is preconfigured for a fake brokerage company that is searching for “talented people to join our team of professionals.” IBM’s investigation uncovered a map of the company’s headquarters, which is conveniently located in the Moscow University campus.

The e-mail correspondence templates (titled “templates for drops”) include a number of scenarios in which the criminal needs to contact the money mule. Here are some examples:

Recruitment

Registration

Employee Details

Money Transfer

Some of the templates include requests for additional data or access to the mule’s bank account:

This package offers a comprehensive solution for those engaged in cyber crime, covering every aspect from mule recruitment to cashing out. This offering demonstrates, once again, that mules are critical players in the fraud ecosystem. Similar to the cases of the website targeting universal MitB and the credit card-targeting universal MitB, analysts are witnessing offers in the cyber underground that provide potential buyers with flexibility and scalability. Consumers must be made aware of these types of scams, as well as the perils of “work from home” offers that involve money transfers and questionable incoming transactions.

As a rule of thumb, any doubt is enough doubt. Online offers that seem even mildly suspicious are probably illegal.

View on-demand webinar: Cybercriminals Never Sleep