By Alessandro Ferraro, Security, Anti-fraud and Threat Intelligence BDM at Kirey Group
Money Muling is a well-established practice aimed at laundering money from activities related to cybercrime, online payment and fraud, drugs, human trafficking, and more.
The goal is to make the money flow untraceable so that it can be monetized by the perpetrators of the illegal activities.
This laundering activity is carried out by "Money Mules": often unaware individuals who use their current account or make their identity available to open new accounts used for revenue transition, such as "mule accounts". Within these accounts, in fact, the sums of money obtained are transferred, which are then transferred to other current accounts, very often in foreign countries, available to criminals.
In exchange for their services, the money mule is charged a fee for the service provided, a sum that is usually around 10%.
Often the Money Mules, while committing a serious crime such as money laundering and transferring money around the world to help criminals keeping anonymity, are not aware that they are conducting an illegal activity, but they are convinced that they are doing a regular job.
As an active part of this action, they are the first target of the investigative police during activities to counter cybercrime, effectively becoming victims to accomplices.
The phenomenon is growing strongly: in the last years the campaigns aimed at recruiting individuals to become unwitting accomplices have strongly increased, also under the pressure of new and enhanced engagement methods, from social networks to the proliferation of targeted phishing, that cybercrime is constantly updating to defraud people.
Money mules are often lured through phishing emails with with apparently legal job ads (for example as a "financial agent" or "money transfer agent") and that promise an easy and well-paid job.
The profile most sought after by these organizations is that of newly arrived immigrants, unemployed, students or people with economic difficulties. These are usually young men, between 18 and 34 years old, who receive seemingly lawful online messages. Sometimes people contact potential victims directly either by e-mail or by using other communication channels such as social media with Facebook posts on closed groups or Whatsapp instant messaging.
However, there are simple and fundamental practices that users can adopt to avoid being lured. It is necessary to maintain a critical spirit and grasp these premonitory signals, as should always be done to avoid falling victim to phishing or other computer scams.
First of all, be attentive to the details of the email and the site. Ads often recreate the website of a real company with a similar domain to make the scam more believable, but these emails often use a general web domain (Gmail, Yahoo, Hotmail or others) and not corporate. It is therefore necessary to always check carefully which is the domain to which they refer and the extension of the mail.
A further fundamental suggestion is to check the real existence of the company. Always keep in mind that if a job offer looks too good to be true it is very likely that it is not!
These advertisements generally indicate that a foreign company seeks "local/national representatives" or "agents" who act on their behalf for a period of time, sometimes to avoid high transaction costs or local taxes. The position usually does not list educational or experience requirements and does not describe specific tasks. Immediately, the offer specifies that the location implies the transfer of money or assets and specifies how all interactions and transactions will be online.
In summary, these offers always promise "an easy and well-paid job": a potential significant gain in the face of a small commitment.
The only way to fight money muling is to start from the users and promote a real and increasing awareness, in particular to make all users of home banking services and other online services aware of the existence of these mechanisms and to educate them to be wary of such ads.
Today this is a commitment strongly shared by the main financial institutions and national and international investigative police, as confirmed by the latest edition of the communication campaign #Dontbeamule, specially promoted to combat and prevent the phenomenon, and by part of the sixth edition of the operation EMMA (European Money Mules Action), coordinated by Europole in 26 countries and ended in December last year.
According to EMMA data, in Italy data on this phenomenon of money laundering is growing strongly and fraudulent transactions have been 744 (twice as much as last year); nevertheless, there was a prompt response from the State Police, which made it possible to identify 257 money mules throughout the country, and to recover EUR 3.6 million, while the total amounts lost amounted to about EUR 5 million.
The first instrument to prevent these illegal practices is information. In fact, as confirmed by EMMA, the strong collaboration between the banks committed to spreading information about risks on their communication channels has determined the achievement of this result, together with the ability to equip themselves with the right technologies.
The main advice for users is therefore to always be very careful whenever you perform online transactions because cybercrime is growing every day and you need to protect yourself and report any potentially illegal action.