The Justice Department said this week that it is cracking down on money mules, i.e., middlemen who assist in fraud schemes by receiving money from victims and forwarding proceeds to foreign-based perpetrators.
So far, feds say they have halted more than 600 domestic money mules – exceeding the 400 money mules stopped last year. Of these, more than 30 individuals were criminally charged for their roles in receiving victim payments and providing the fraud proceeds to accomplices. The Department of Justice (DoJ) said this is triple the number of criminal prosecutions brought against money mules in last year’s initiative.
“The Money Mule initiative highlights the importance of partnership to stop fraud schemes, and it sends a message to all who are engaged in money mule activity that they will be caught and prosecuted,” said FBI Director Christopher Wray,in a statement this week. “I want to thank our state and local partners for all their efforts to protect the American people from these threats.”
Money mules are typically involved in elder fraud schemes (such as scams where grandparents are called and told their grandchildren are being held for ransom in foreign countries); romance scams; lottery and sweepstakes scams; IRS and Social Security Administration impostor scams; veteran and social security benefit redirection scams; and technical-support scams.
The Federal Bureau of Investigation (FBI) this week simultaneously warned of such scams, using an Oregon family as a cautionary tale for consumers; they were scammed out of their life savings from schemes that involved money mules
According to the FBI, in the midst of purchasing a new house last year, Aaron Cole and his wife received an email on Dec. 4, purporting to be from their title company, who had recently told them they would soon be in touch with instructions for sending over a down payment. The email asked them to send $122,850 as a down payment to the account number in the message.
The email looked normal: “I grew up with computers,” Cole said. “I know not to click on anything suspicious. Nothing about this looked suspicious.”
However, a few days later, the family received a phone call from the legitimate title company asking them to wire over the down payment. It took the title company representative “just moments” to figure out what had happened: The Coles had been the victims of an email compromise scam, and had wired their money to a criminal who had spoofed the title company’s email address and sent them fake wire instructions.
Making matters worse, the Cole family had already sold their existing home – meaning they were essentially homeless and had little left in their savings. Luckily, the title company helped the Cole family cover their down payment in exchange for their help alerting others about email compromise scams.
However, others haven’t been so lucky – according to the FBI’s annual Internet Crime Report (IC3) losses from business email compromise (BEC) attacks almost doubled year-over-year in 2018, to reach $1.2 billion.
At the same time, infamous BEC groups like London Blue, Scarlet Widow and more are continuing to hone their techniques and targets to tap into this lucrative business, researchers have noted.
“What happened to the Coles was due to the deliberate actions of the online criminals who compromised an email account to steal from them, but the criminals could not have carried out the scheme without the involvement of money mules,” the FBI said.
Free Threatpost Webinar: Risk around third-party vendors is real and can lead to data disasters. We rely on third-party vendors, but that doesn’t mean forfeiting security. Join us on Dec. 18th at 2 pm EST as Threatpost looks at managing third-party relationship risks with industry experts Dr. Larry Ponemon, of Ponemon Institute; Harlan Carvey, with Digital Guardian and Flashpoint’s Lance James. Click here to register.
