About Us | Contact Us
View Cart

Fraudulent Work-at-Home Funds Transfer Agent Schemes

By Dan Hadaway | Thursday, October 29, 2009 - Leave a Comment

The Federal Deposit Insurance Corporation (FDIC) is warning financial institutions of an increase in schemes to recruit individuals to receive and transmit unauthorized electronic funds transfers (EFTs) from deposit accounts to individuals overseas. These funds transfer agents, often referred to as “money mules,” are typically solicited on the Internet by criminals who have gained unauthorized access to the online deposit account of a business or consumer. In a typical scenario, the criminal will originate unauthorized EFTs from a victim’s account to a money mule’s deposit account. The money mule is then instructed to quickly withdraw the funds and wire them overseas after deducting a “commission” (commonly eight to ten percent).

Criminals target online deposit accounts at institutions where business customers can originate EFTs, such as automated clearing house (ACH) and wire transfers, over the Internet. Money mules, however, can be customers at any depository institution where EFTs can be received and funds withdrawn. In some cases, the money mule may be an unknowing accomplice in a fraud scheme. Because EFTs are often made immediately available by the receiving institution, funds may be removed and wire transferred overseas before the fraud is detected. Refer to SA-147-2009 for more information on fraudulent EFT schemes.

Money mule schemes can take many different forms, but most involve receiving unauthorized EFTs into a deposit account and then withdrawing the funds or forwarding them on to another party via another EFT.

The following are common scenarios:

  • Online job posting Web sites are used by criminals to locate individuals seeking employment with flexible work hours that can be performed from home. These work-at-home schemes often involve written employment contracts, job descriptions and procedures to legitimize the scam.
  • Advance fee scams promising large monetary rewards for acting as a financial intermediary can entice individuals to participate in this activity.
  • Mystery shopping jobs may be used that require the employee to assess the performance of money service businesses by completing EFTs and then evaluating the service using customer satisfaction forms.
  • Social networking sites may be used to recruit individuals to act as money mules. Criminals conjure up various imaginative stories to befriend and persuade individuals to receive and forward stolen funds.
  • Some hesitant or skeptical money mules have been intimidated, harassed and threatened by their criminal “employers” to process the funds transfers quickly and with secrecy.
  • The personal identifiable information provided by the money mule might later be used to commit identity theft or account takeover.

The following are examples of events that may indicate money mule account activity:

  • A deposit account opened with a minimal deposit soon followed by large EFT deposits.
  • Deposit customers who suddenly begin receiving and sending EFTs related to new employment, investments, business opportunities or acquaintances (especially opportunities found on the Internet).
  • A newly opened deposit account with an unusual amount of activity, such as account inquiries, or a large dollar amount or high number of incoming EFTs.
  • An account that receives incoming EFTs then shortly afterward originates outgoing wire transfers or cash withdrawals approximately eight to ten percent less than the incoming EFTs.
  • A foreign exchange student with a J-1 Visa and fraudulent passport opening a student account with a high volume of incoming/outgoing EFT activity.

Money mule activity is essentially electronic money laundering addressed by the Bank Secrecy Act and Anti-Money Laundering Regulations. Strong customer identification, customer due diligence, and high-risk account monitoring procedures are essential for detecting suspicious activity, including money mule accounts. Financial institutions can find additional guidance about customer identification, account monitoring, suspicious activity reporting, and identity theft red flags below:

FDIC Risk Management Manual of Examination Policies – Bank Secrecy Act

FFIEC Bank Secrecy Act/Anti-Money Laundering Examination Manual

FFIEC Identity Theft Red Flags – Interagency Final Regulations and Guidelines

Financial institutions should act promptly when they believe fraudulent or improper activities have occurred, such as those of a money mule. Appropriate actions may include, but are not limited to, filing a Suspicious Activity Report and/or closing the deposit account in accordance with existing, board-approved account closure policies and procedures.

Cyber-fraud incidents and other fraudulent activity may be forwarded to the FDIC’s Cyber-Fraud and Financial Crimes Section, 550 17th Street, N.W., Room F-4004, Washington, D.C. 20429, or transmitted electronically to [email protected]. Questions related to federal deposit insurance or consumer issues should be submitted to the FDIC using an online Customer Service Form.


Original notice as posted by the FDIC: Special Alert: SA-185-2009


 

Latest News
    Another awareness poster for YOUR customers (and users).  Now that we have our own employees aware, maybe it’s time to start posting content for our customers! Check out posters.infotex.com for the whole collection! Download the large versions here: Awareness Poster (Portrait) Awareness Poster (Landscape)   You are welcome to print out and distribute this around […]
    The joint cybersecurity advisory includes the 15 most exploited vulnerabilities reported in 2021… An article review.  While a lot of attention is focused on previously undisclosed or “zero day” attacks, some of the most likely attack vectors are vulnerabilities that have been widely known for weeks or even months.  That’s according to a new joint […]
    Threats are changing, EDR can help us adapt . . . Today’s advanced persistent threat (APT) understands that the IT landscape has changed. In the post-COVID age, more and more organizations have adopted some form of work from home.  While WFH offers many conveniences, it also imparts increased risks. BitSight conducted a 2021 study of […]
    The Five Precepts of IT Vendor Management Webinar-Movie We’re going back to basics on Vendor Management. This webinar will give you a training tool to help out that new person that is starting to take on the gargantuan task that is Vendor Management.
    A new way of helping people “read” new guidance… Look for more in the future! To save you time, we are proud to present “Adam Reads” . . . recorded versions of our Guidance Summaries! Below you can find an embedded player for the audio file. If you are having issues with that working, you […]
    You think you’ve finally found stability in your to-do list. Your goals are set, and you’re even making great progress on them all. Audit findings: all addressed. Management requests: Under control. Heck, you might even be able to leave the office five minutes early at least once this year. Then BAM! A press release from […]
    Software Bill of Materials (SBOMs) are becoming more and more important. . . We are all very familiar with one aspect of the software supply chain – updates.  New features, bug fixes, and performance upgrades are a regular occurrence to any device’s lifecycle, however what if these kinds of updates also include deliberately malicious code? […]
    Another awareness poster for YOUR customers (and users).  Now that we have our own employees aware, maybe it’s time to start posting content for our customers! Check out posters.infotex.com for the whole collection! Download the large versions here: Awareness Poster (Portrait) Awareness Poster (Landscape)   You are welcome to print out and distribute this around […]
    According to a new survey, more organizations than ever are reporting problems with cybersecurity staffing… An article review. While pandemic related mandates and restrictions are gradually being lifted across the country, many organizations are still feeling the effects in one important area: staffing.  That’s according to ISACA’s annual State of Cybersecurity survey, which asked over […]
    Understanding Banking Trojans… Another Technical Article by Tanvee Dhir! What are Banking Trojans? A trojan is a malicious program that masquerades as a genuine one. They are often designed to steal sensitive information from users (login passwords, account numbers, financial information, credit card information, etc.). A banking trojan is a malicious computer program designed to […]