Educating our account holders about online banking fraud and what they can do to protect themselves is an important part of Standard Bank’s fraud prevention strategy. While it’s a fact that today’s complex fraud schemes have demonstrated an ability to get by end user defenses, whatever our valued account holders can do will make it that much harder for cyber criminals. Every layer of defense that we can individually and collectively put in place will only make all the protections stronger. We value our customers highly and the more you know about the fraudsters and how they attack, the more effective you can be in defending your own account, both here at Standard Bank and elsewhere.
Do you know your enemy?
It’s not about caffeine-fueled kiddies in the basement anymore. Fraudsters are professional, organized, and often part of highly-funded criminal networks. Their kind are not limited to third world countries as they also exist in industrial nations across the globe, making it difficult to use geo-location technology to block them. In China alone, there are an estimated 40,000 cyber gangs. These gangs often work in operational teams, dividing labor according to their area of criminal expertise. One team may be experts at specific banking platforms, writing or adapting malware, or signing up money mules.
Let’s get cozy with the game plan; it’s rather simple:
- Set up money mules. These used to be people oblivious to the criminal activity taking place, recruited online to simply move money from here to there and keep a share as their commission. Mules have evolved into people who are well aware of what they’re doing and are active members of the criminal gang.
- Steal online banking credentials or install malware through a phishing attack or other scheme we’ll discuss in our next blog post.
- Breach online banking accounts using stolen credentials, a banking Trojan, or other sneaky methods.
- Transfer funds to money mule accounts.
- Collect the money from the mules. Funds are often moved through Western Union or similar services where the stolen funds are converted to cash and become extremely hard to trace, but sometimes using more varied techniques like directly the mule to buy precious stones from local jewelers.
Pretty simple, huh? Not so fast. There are numerous variations and schemes they use at each stage. We’ll save those for next time when we’ll see if Angry Birds are actually giving your credentials away.