'Money Mule' Recruitment Network Exposed
Brian Krebs writes on Security Fix:
In a blog post earlier this week, Security Fix examined the crucial role of "money mules" -- people in the United States who are willingly or unwittingly recruited to help cyber fraudsters steal money from businesses. In this column, we'll peer a bit deeper into how mules are recruited, and how they often communicate with their employers. More here.
Security Fix interviewed one of the mules hired to receive money from Sanford School District, a small school system in Colorado that was robbed of $117,000 last month when hackers used the district's online banking credentials to send sub-$10,000 payments to this mule and 16 others.
The mule I spoke with said she was hired by a company called the Scope Group Inc., which claimed to be a nearly 20-year-old investment firm operating out of New York. The Scope Group did not return e-mails seeking comment, but there is no listing for a current company by that name in the New York State business register. Also, the company's Web site is hosted in China, and its domain name -- www.scope-group.cn -- ends with a Chinese country code. In addition, that domain name was registered on June 25, 2009, just a few weeks before the fraud against Sanford School District was perpetrated.
The Sanford mule -- who spoke on the condition of anonymity out of fear of reprisals by the hacked company and perhaps by the hackers themselves -- said the Scope Group approached her via e-mail, saying it had found her resume on Careerbuilder.com, and would she be interested in a work-at-home job acting as a "financial manager"? Having worked as a payroll manager in a previous job, the mule said she thought it was a perfect fit. Besides, she said, she'd been out of work since March.