Cybercriminals Target Unemployed To Launder Money

Top 10 Security Stories Of 2010

What's in store for information security attacks this year? Expect more viruses, malware, spam, and phishing attacks, of course. But in a twist, also expect cybercriminals to devote more time and energy to translating stolen financial information into cash.

So says the "Cisco 2010 Annual Security Report," released on Thursday, which predicts that "the real focus of cybercriminal investment for 2011... will be on improving the success and expanding the number of cash-out services."

The problem for today's online criminals is that they have many more stolen account credentials than they can translate into profit. "Currently, the ratio of stolen account credentials to available mule capacity could be as high as 10,000 to 1," said Cisco senior security researcher Mary Landesman. On forums devoted to selling such information, "there's such a glut of stolen credit cards that they don't even fetch that much."

The barrier is simple: "cash-out" operations are labor-intensive and risky, and may result in arrest. To lower the risk to themselves, cybercriminals often farm out this part to money mules -- teams of criminals who use fake ATM or credit cards loaded with stolen account credentials. Money mules typically withdraw money from a different country than the one in which the target account is located, and outside the other country's banking hours. Criminals' goal is to maximize their haul before financial service organization's fraud departments get suspicious, block withdrawals, or alert law enforcement.

Increasingly, however, these money laundering operations are being built on scams that target unemployed or underemployed people, Landesman said. "Whereas a couple of years ago, money mules tended to be meth addicts or people addicted to drugs who didn't mind taking these risks, today, money mules tend to be people who are just victims."

Such scams increasingly pose as "work at home" opportunities where people's "job" involves receiving shipments of items, repackaging them, and shipping them out of the country. In reality, however, the goods have been ordered by criminals using stolen or fraudulent credentials, as a way to launder their money.

"When you're desperate to put food on the table, you might not look too closely at exactly what you're being asked to do," said Landesman.