Here’s an example of a very sophisticated piece of malware designed to steal money. It was discovered recently in Germany and was used to steal €300,000 in 3 weeks. Here’s how it works:
- You visit a web page that has been hacked. It’s an ordinary web page (such as a news site), nothing looks out of the ordinary.
- A trojan is installed on your computer without your knowledge. It sits there on your PC waiting and watching.
- You log onto your internet banking site. Everything still looks normal.
- The trojan detects that you’ve logged into an internet banking site and it makes a transaction, transferring money from your account to the account of a money mule (more on this later).
- When you look at your bank statement online, the trojan captures the network data and changes it to hide the transaction it made. The numbers it shows on the screen have been altered.
Step 5 is the sophisticated part of this attack. Normally you’d notice if money was transferred from your bank account without your approval, but the trojan hides this by showing you a fake statement on your screen. If you can’t see the money being taken from your account the criminals have more time to keep making withdrawals.
The amount of money it steals is different each time so that the bank’s anti-fraud detectors don’t see the pattern of theft.
More details here on this attack works.
So what’s a money mule?
Stealing money from people’s bank accounts is a big business. Criminals not only write sophisticated malware to carry out the transactions, they also recruit money mules to launder the money.
They place ads online offering jobs to desperate people. These jobs require no experience and you work from home (sound familiar?). People who sign up to these jobs receive money in their bank accounts, then they have to transfer it to someone else’s account. They do this willingly and are paid for it, but they usually don’t know that it’s part of a criminal organisation.
This is how the criminals receive their stolen money and cover their tracks. It’s a form of money laundering and is illegal. And to avoid a pattern detection they usually only use these money mules twice.
Here’s an example of a money mule job ad.
Lessons Learnt:
- Always use an antivirus program that not only scans your PC for malware, but also checks every web page you go to. Good antivirus programs cost money and it’s a good investment to protect your online security.
- Only use internet banking from a PC you trust.
- Always update your PC with the latest patches. For example, tomorrow there’ll be a large Windows update, you should install this as soon as possible (after you make a backup).
- Don’t trust job ads that promise the world for little to no effort.