Money Mule

"Money mules" are a lesser known, but very important, aspect of international carding operations and other types of online fraud. Money mules are people recruited, often without their knowledge, into criminal money- or goods-laundering operations. The "mule" provides his or her bank account to the criminals, who use it to process stolen funds or purchase goods for later resale. Organizations that employ money mules are often criminal groups that specialize in credit-card fraud and identity theft; in many cases, the mules end up as identity-theft victims themselves as their "employers" clean out their bank accounts once they are finished with them.

For major financial institutions, their best asset in the fight against fraudsters is their ability to follow the money, in this case the money mules. As argued below, the most important recent trends in this type of scam are as follows:

• Increasing general sophistication in the verbiage used in spam e-mails and scam Web sites.
• Increasing use of Rock Phish-style tactics for hosting scam Web sites on a wide variety of URLs to avoid shutdown.
• Increasing use of Hong Kong–based top-level domain registrars (particularly Hong Kong Domain Name Registration [HKDNR]), which scammers perceive (rightfully or not) are less likely to respond to abuse reports.

Together, these trends show that despite the fact that money mule scams have been around for years, they continue to increase in sophistication and effectiveness and are likely to remain one of the salient features of the cyber crime landscape for the foreseeable future.