Local job seekers are being tricked into helping cyber criminals launder money
Mary had no idea she was helping an international crime syndicate launder stolen money until police knocked on the door of her West Auckland home.
Searching for work on her laptop three days after being made redundant, Mary had stumbled upon a recruitment website advertising a work-from-home "operations manager" position for a global company paying a promised US$67,000 ($95,000) a year.
"Nothing to lose," Mary thought as she filled in the rather detailed online application form.
She was pleasantly surprised when an appointment confirmation email arrived just two days later.
The nature of the work was also a surprise; the company put money into her bank account and she followed their instructions for forwarding it on through Western Union by filling in a form at her local PostShop.
The visit from the police and the revelation she had been unintentionally helping criminals siphon stolen money out of the country came as a shock.
But the officers accepted Mary's explanation that she had no idea what was going on.
She shook off the incident as a learning experience.
Nothing had been lost except a few days of job-hunting time.
Then she realised her redundancy payout was missing from her bank account.
Mary had become the cyber crime gang's latest victim.
A growing number of local job seekers are being conned into helping cyber-criminals launder money stolen from hacked bank accounts.
Internet security company RSA estimates that at any one time there are about 300 cyber "mules" in New Zealand and Australia inadvertently helping transfer money into overseas criminals' hands.
Home and work computers not protected against viruses and malware are easily infected by spying programs which can store and forward online account and password details when users bank over the internet.
A sophisticated global underground economy has blossomed around the use of these stolen "credentials" which are sold in large numbers using online criminal marketplaces - the underworld equivalents of Trade Me.
Mules are the final link in the fraud chain, and are typically instructed to launder between $2000 and $5000 from victims' bank accounts by "mule herders" who use sophisticated technology to monitor their network of unsuspecting operatives, says Greg Singh, RSA's principal consultant for New Zealand and Australia.
The mule's role is to make the all-important "drop" - the final transfer of cash into a criminal's hands.
"Mules are extremely expendable, they're people who have been conned into doing this type of work."
"They've usually replied to some sort of advertisement, typically on the internet and quite often on job sites."
Singh says scam job offers are posted either through legitimate job websites or imitation sites set up by criminals.
The jobs typically promise to pay between US$65,000 and US$70,000 and are often pitched as "humanitarian" roles, spinning a line that the money transfer role needs to be done as an efficient means of getting cash to needy people overseas.
Because the job recruitment ruse involves soliciting bank account and other personal details, mules often end up having their own bank accounts sucked dry once they have served their purpose for the mule herder.
"The geographic nature of New Zealand, and its location globally actually lends itself to being quite a central hub for [cybercrime in] the South Pacific," says Singh.
"So while New Zealand may not implicitly be a target, it's a place that's on the [internet] highway and it's a big stop. The traffic that is there does make it easier to be targeted for activities such as muling."
Many New Zealanders and Australians may also still believe we are immune from cybercrime activity generated in the Northern Hemisphere, he says.
"There are parts of our populace who don't appreciate the connected nature of the world at the moment and don't realise how we can be just as much a target as someone who is in the US or Europe. The connected nature of the world means geographic boundaries now have no impact on the ability to commit crime or to use people to commit crime."
The prevalence of scams hitting New Zealanders has prompted local cyber-safety group NetSafe to set up a website (www.ScamMachine.org.nz) where people can share experiences - in a light-hearted way - of friends who have been the victims of online fraud.
RSA staff masquerade as cybercriminals to monitor underground activity and have been alerted to packages of New Zealand bank login information trading hands.
"New Zealand financial institutions have been targeted just as financial institutions in just about every country in the [world] have been targeted," says Singh.
"Once they've been targeted, and fraudsters get their consumer credentials, that's when there's a requirement to recruit mules in the country - to use the cash-out process, the monetisation of those credentials."
Sophisticated software for controlling all aspects of online fraud can be bought for a few hundred dollars over the internet and the economic impact of the global financial crisis means the pool for recruiting mules is large, says RSA fraud expert Uri Rivner.
"I would argue this is the best time to be a fraudster," Rivner told journalists at an RSA security conference in the US last month.
"If you want to cross the line, now is the time - everything works in your favour," he said.
"It's an economy. Everyone has a role in that economy and it's actually quite competitive. You are competing against other criminals in your specific specialisation."
Uri showed journalists conversations between criminals who use pseudonyms to trade in online fraud-service chat rooms, which have thousands of members.
The value of the global online fraud industry has been estimated at several billion dollars a year.
Chris Young, a senior vice-president with RSA, says he expects the level of technological sophistication used by online scammers to increase.
"We've seen a lot of innovation around harvesting and collecting information but, if what's preventing these guys from making money is the ability to cash-out, we expect to see a lot more innovation around how they ultimately are able to do that."
"[Whether it's through] a more distributed mule network, better recruiting methodologies for getting people who are willing to do the cash-out, or whether they're able to automate the cash-out [process] we expect to see a lot of innovation as it relates to the crimeware [fraud software] that's out there."
FRAUD ECONOMY
A multibillion-dollar business.
* Criminals use sophisticated software to gather and trade personal details, including credit card numbers and online banking passwords.
* The underground economy is divided into "harvesters" who steal information and "cash-out operators" who use it to empty victims' bank accounts and launder the money.
* "Mule herders" use fake job ads to recruit unsuspecting "mules" to help launder money by siphoning it through their personal bank accounts.
* About 300 mules are believed to be active in New Zealand and Australia at any one time.