Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

BLOG: The mule network

Alvin Ow | July 8, 2011
In the ‘old days’, fraudsters who controlled mules mostly recruited them in the real world. Today, they have cracked the formula of herding mules online.

These services use independent workers who register online to call businesses and evaluate the level of customer service administered. As fraudsters operate "by-fraudsters for-fraudster" call centres, it's only a matter of time we'll see them recruiting mules for these positions as well.

While recruiting unwitting mules definitely has its benefits, they are still much harder to manage than accomplices. Another mule-related trend is that the accomplices of the fraudsters who fly to another Asian city open bank accounts using fake passports and receive fraudulent money transfers to those accounts.

'Bottleneck' of fraud

Travelling mules from other countries are becoming popular not only in the United States, but in other countries as well. The proliferation of budget airlines has made it profitable to send accomplices across the border. We've seen cases where mule herders purchased their mules' flight tickets with stolen credit cards and sent them across the border just to pick up some items bought with a different set of stolen cards.

Mules have been considered to be the "bottleneck" of fraud. While fraudsters have the capabilities of stealing millions of credentials, eventually they can cash out only as many mules as they have access to. Fraudsters are aware of it just as much as security professionals and they invest their efforts, resources, time and ingenuity to open this bottleneck as much as they can.

Because of it, we can expect new scams and innovations coming from fraudsters not only in the realm of obtaining credentials or new ways to cash them out, but also in establishing the infrastructure that allows them to do just that.

Alvin Ow is director, technology consulting Asia Pacific & Japan, RSA.


Previous Page  1  2  3 

Sign up for Computerworld eNewsletters.