Category Archives: Employment Fraud

How Cybercriminals are Weathering COVID-19

April 30, 2020

In many ways, the COVID-19 pandemic has been a boon to cybercriminals: With unprecedented numbers of people working from home and anxious for news about the virus outbreak, it’s hard to imagine a more target-rich environment for phishers, scammers and malware purveyors. In addition, many crooks are finding the outbreak has helped them better market their cybercriminal wares and services. But it’s not all good news: The Coronavirus also has driven up costs and disrupted key supply lines for many cybercriminals.

Coronavirus Widens the Money Mule Pool

March 17, 2020

With many people being laid off or working from home thanks to the Coronavirus pandemic, cybercrooks are almost certain to have more than their usual share of recruitable “money mules” — people who get roped into money laundering schemes under the pretense of a work-at-home job offer. Here’s the story of one upstart mule factory that spoofs a major nonprofit and tells new employees they’ll be collecting and transmitting donations for an international “Coronavirus Relief Fund.”

Inside ‘Evil Corp,’ a $100M Cybercrime Menace

December 16, 2019

The U.S. Justice Department this month offered a $5 million bounty for information leading to the arrest and conviction of a Russian man indicted for allegedly orchestrating a vast, international cybercrime network that called itself “Evil Corp” and stole roughly $100 million from businesses and consumers. As it happens, for several years KrebsOnSecurity closely monitored the day-to-day communications and activities of the accused and his accomplices. What follows is an insider’s look at the back-end operations of this gang.

Feds Target $100M ‘GozNym’ Cybercrime Network

May 16, 2019

Law enforcement agencies in the United States and Europe today unsealed charges against 11 alleged members of the GozNym malware network, an international cybercriminal syndicate suspected of stealing $100 million from more than 41,000 victims with the help of a stealthy banking trojan by the same name.

How Do You Fight a $12B Fraud Problem? One Scammer at a Time

October 25, 2018

The fraudsters behind the often laughable Nigerian prince email scams have long since branched out into far more serious and lucrative forms of fraud, including account takeovers, phishing, dating scams, and malware deployment. Combating such a multifarious menace can seem daunting, but in truth it calls for concerted efforts to tackle the problem from many different angles. This post examines the work of a large, private group of volunteers dedicated to doing just that.

‘Money Mule’ Gangs Turn to Bitcoin ATMs

September 29, 2016

Fraudsters who hack corporate bank accounts typically launder stolen funds by making deposits from the hacked company into accounts owned by “money mules,” willing or unwitting dupes recruited through work-at-home job scams. The mules usually are then asked to withdraw the funds in cash and wire the money to the scammers. Increasingly, however, the mules are being instructed to remit the stolen money via Bitcoin ATMs.

‘White Label’ Money Laundering Services

August 4, 2014

Laundering the spoils from cybercrime can be a dicey affair, fraught with unreliable middlemen and dodgy, high-priced services that take a huge cut of the action. But large-scale cybercrime operations can avoid these snares and become much more profitable when they’re able to disguise their operations as legitimate businesses operating in the United States, and increasingly they are doing just that.

Big Bank Mules Target Small Bank Businesses

January 28, 2013

A $170,000 cyberheist last month against an Illinois nursing home provider starkly illustrates how large financial institutions are being leveraged to target security weaknesses at small to regional banks and credit unions.

Donkey Express: Mules Take Over the Mail

September 10, 2012

This blog has featured several stories on reshipping scams, which recruit willing or unwitting U.S. citizens (“mules”) to reship abroad pricey items that are paid for with stolen credit cards. Today’s post highlights a critical component of this scheme: the black-market sale of international shipping labels fraudulently purchased from the U.S. Postal Service.