Support us by visiting our sponsors and win a €20 Amazon Voucher every month

Follow maltainfosec on TwitterTwitter or RSS 2.0 feed

Aug 10

the online mule

3 Comments »
This article sheds some light on what emails such as the one below consist of:

MAKE EXTRA $$$ WORKING FROM HOME! NO SPECIAL SKILLS REQUIRED! EARN HUNDREDS OR THOUSANDS EACH MONTH!

Mafia and terrorist organizations have been using mules for a long while to launder money.

When it comes to the internet, this is how it works:

  • Phisher starts spamming people with links to phishing sites to steal bank account info and so on

  • At the same some the phisher starts spamming people with these "work from home" emails

  • As bank account details start rolling in, the phisher starts moving small fractions of money to other bank customers who have accepted to "work from home" aka mules.

  • The mules keep a percentage of the money, send the money to the phisher and eventually get caught

  • The phisher gets away with the rest of the money .. and most of the times doesn't get caught

  • Not a happy ending

Posted by Sandro Gauci

2541 hits

0 Trackbacks

Trackback specific URI for this entry
  1. No Trackbacks

3 Comments

Display comments as(Linear | Threaded)
  1. Giannella says:
    08/11/2007 07:37:14 PM

    I somewhat disagree with the above text "MAKE EXTRA $$$...." being a phishing email.

    Normally a phishing site/email would simply be a disguised email pretending to be from a real company. Phishing emails are not usually inviting but rather inclined to alarm the reader. These emails would have something like "We lost your account info, please verify" or "We need to verify if you're a legit user"

    I've discussed this briefly as one of the methods of social engineering in this post: http://gigasecurity.blogspot.com/2007/08/art-of-social-engineering.html

  2. sandro gauci says:
    08/12/2007 09:34:51 AM

    The above text does not identify the "make extra $$$" thing as phishing email. Instead it refers to it as spam because it is unsolicited bulk email.

    First step is a phishing email probably pretending to come from a bank, the second step (which refers to the "extra $$$" email) is not.

    In the end of the day, it's all fraud ;-)

  3. Giannella says:
    08/12/2007 09:53:35 AM

    Yep, can't argue about that.

    I noticed that lately phishing emails are really getting close to the real deal. It is almost impossible for non-tech people to recognize them as spam.

    Thankfully banks like HSBC Malta are sending leaflets, emails and SMS messages warning their customers about such emails. At least there is some sort of prevention.

Add Comment


Enclosing asterisks marks text as bold (*word*), underscore are made via _word_.
Standard emoticons like :-) and ;-) are converted to images.
E-Mail addresses will not be displayed and will only be used for E-Mail notifications.

To prevent automated Bots from commentspamming, please enter the string you see in the image below in the appropriate input box. Your comment will only be submitted if the strings match. Please ensure that your browser supports and accepts cookies, or your comment cannot be verified correctly.
CAPTCHA

Please consider sending us a small donation to keep this site going. Click the PayPal logo below. Thank you!