Money Mules Money mules are a type of money laundering where a person transfers illicit funds through a medium (such as a bank account) to obfuscate where the money came from. There are different types of money mules including witting, unwitting, and complicit. Are Used to Commit Fraud In law, fraud is intentional deception to secure unfair or unlawful gain (money or other assets), or to deprive a victim of a legal right. Fraud can violate civil law (e.g., a fraud victim may sue the fraud perpetrator to avoid the fraud or recover monetary compensation) or criminal law (e.g., a fraud perpetrator may be prosecuted and imprisoned by governmental authorities), or it may cause no loss of money, property, or legal right but still be an element of another civil or criminal wrong. The purpose of fraud may be monetary gain or other benefits, for example by obtaining a passport, travel document, or driver's license, or mortgage fraud, where the perpetrator may attempt to qualify for a mortgage by way of false statements.
A fraud can also be a hoax, which is a distinct concept that involves deliberate deception without the intention of gain or of materially damaging or depriving a victim.
“Money mules” are people who are used to transport and launder stolen money or some kind of merchandise.
Criminals may even recruit money mules to use stolen credit card information. Individuals being used as money mules may be willing participants; however, many money mules are not aware that they are being used to commit fraud. The individuals being used as money mules are not the only victims; the larger scheme is designed to extract money from an organization or from countless other people.
Schemes May Seem Like Legitimate Opportunities
The most common money mule solicitations are disguised as “work from home” opportunities. These advertisements often target unsuspecting people who are interested in the convenience and flexibility of these types of jobs. Because there are companies that legitimately offer opportunities to work from home, users may not recognize malicious offers. Criminals often try to make the offer seem as legitimate as possible and may use the following approaches:
- Carefully crafting the wording so that an email does not appear to be spam and is not caught by spam filters
- Linking to fake but professionally designed websites that appear to belong to recognized companies or that promote a company that does not even exist
- Posting some of these jobs on legitimate websites, including websites specifically for job seekers
Typical Money Mule Process
After an individual agrees to be a money mule, the schemes tend to follow a similar process:
- The “company” collects information from the “employee.” The information may include personal data such as the individual‟s Social Security number and bank account information. The company may also ask the employee to sign a seemingly official contract.
- The company (or the employee, under the direction of the company) creates a financial account 2 that the employee can use to collect and transfer funds.
- The employee receives funds or some type of merchandise.
- The employee is instructed to transfer the funds (usually keeping some percentage) to some other financial account or to deliver the merchandise to some third party.
This financial account or third party is associated with the criminal A criminal is any person who through a decision or act engages in a crime. This can be complicated, as many people break laws unknowingly, however, in our context, it is a person who makes a decision to engage in unlawful acts or to place themselves with others who do this. A criminal always has the ability to decide not to break the law, or if they initially engage in crime to stop doing it, but instead continues.. Often, the company will instruct the employee to use wire transfers for the funds, and there may be another money mule on the other end of the transfer with instructions to cash those funds.
Through this process, the criminal receives the stolen money or merchandise while hiding his or her involvement.
Typically, a criminal will only use a money mule once. After the money mule performs his or her role in the transaction, the criminal usually dissolves the relationship completely and recruits someone else for the next scheme.
Consequences Can Be Severe
If caught and prosecuted, the criminal faces the most severe consequences. However, the other parties involved in the scheme may also face serious consequences.
The following are potential consequences for money mules: Inaccessible bank accounts – During an investigation, law enforcement officials may freeze Trauma Freeze Response:
While fight-or-flight is the better-known way humans respond to certain stressful stimuli, the additional less known third response "FREEZE", was not as widely studied until this last decade. Freezing as a response to a threat might seem effective, a sort of “playing dead” in the face of danger; however, in humans freezing manifests as an inability to communicate, react, make decisions, or take any action of self-preservation or defense. a money mule‟s bank accounts. Being unable to access funds may create a significant financial burden. These activities may also have a long-term impact on credit scores.
- Prosecution – Money mules may be prosecuted for their participation in these schemes.
- Accountability for charges – In some cases, money mules are found personally responsible for repaying the losses suffered by the other victims.
- Vulnerability of personal information – As described in the typical process, criminals often collect personal information from the money mules. It is possible that the criminals may use this information for other malicious purposes.
If the fraud is designed to extract money from individuals, those individuals could experience the following consequences: Financial loss – An individual may pay for undelivered goods or have money deducted directly from one of his or her financial or credit card accounts. Depending on the forum used for the transaction and whether the scheme is identified, the individual may be able to recover at least a portion of these losses. Significant hassle to resolve issues – Identifying and reporting the fraud may require numerous steps, and the process could take a long time.
If the fraud is designed to extract money from an organization, it may affect both the organization and its customers or constituents.
- Financial loss – A criminal may be able to siphon significant amounts of money from an organization‟s financial accounts before the activity raises suspicions.
- Compromise of sensitive data – If a criminal can access customer data, such as credit card information, he or she may be able to steal that information and use money mules to abuse the customers‟ financial or credit card accounts.
- Damage to reputation – If an organization experiences fraud, they may lose the trust and loyalty of their customers or partners.
- Significant hassle to resolve issues – Identifying and reporting the fraud may require numerous steps, and the process could take a long time.
- Potential for future compromises – If a criminal uses malicious code to access information on an organization‟s computer, he or she may hide additional malicious code that would allow the criminal to regain access in the future. If an organization does not locate and remove this code, it may be susceptible to another compromise.
Take Steps to Protect Yourself
Be sure you read our 5 Steps Guide for Money Mules click here
Avoid Becoming a Money Mule
If an opportunity sounds too good to be true, it probably is. Look for common warning signs, and do some research before agreeing to participate. If you believe that you are participating in a money mule scheme, stop transferring money and merchandise immediately and notify the appropriate authorities. These authorities may include your bank, the service you used to conduct the transaction, and law enforcement.
The following characteristics do not necessarily indicate a money mule solicitation, but they are commonly used in those solicitations. The position involves transferring money or goods.
- The specific job duties are not described.
- The company is located in another country.
- The position does not list education or experience requirements.
- All interactions and transactions will be done online.
- The offer promises significant earning potential for little effort.
- The writing is awkward and includes poor sentence structure.
- The email address associated with the offer uses a web-based service (Gmail, Yahoo!,
Windows Live Hotmail, etc.) instead of an organization-based domain.
Research Strategies Perform online searches using information from the offer:
- The subject line of the email
- The company supposedly offering the position
- The person who signed the message or the name of the contact person mentioned in the offer
Look for indications that the offer might be a scam A Scam is a confidence trick - a crime - is an attempt to defraud a person or group after first gaining their trust through deception. Scams or confidence tricks exploit victims using their credulity, naïveté, compassion, vanity, irresponsibility, or greed and exploiting that. Researchers have defined confidence tricks as "a distinctive species of fraudulent conduct ... intending to further voluntary exchanges that are not mutually beneficial", as they "benefit con operators ('con men' - criminals) at the expense of their victims (the 'marks')". A scam is a crime even if no money was lost..
- If an online search does not produce any results, that may also be suspicious.
- Check the Better Business Bureau website.
Avoid Becoming a Victim
Individuals and organizations can both take precautions that minimize their risks.
- Try to investigate the person or company before doing business with them.
- When transferring money, use a method that protects the transaction. For example, many banks, credit cards, and services such as PayPal may offer fraud protection.
- Monitor the transactions, including checking for withdrawals from your bank account and tracking an order.
- If you notice any problems, immediately contact the appropriate authorities. Depending on the circumstances, these authorities may include your bank, the service you used to conduct the transaction, and law enforcement.
Criminals typically use stealthy methods to access an organization‟s data or finances. These methods may include using malicious code, such as a virus A computer program that can replicate itself and spread from computer to computer or file to file. It comes to life only when you take a specific action, such as running a particular program., to gain administrative access to a computer within an organization or relying upon a malicious insider to transmit data or create fake customer accounts.
By implementing the following precautions and practices, organizations may reduce their risk:
- Use anti-virus and anti-spyware A type of malware installed on computers or cellphones to track your actions and/or collect information without your knowledge. Some spyware can change computer settings for pharming redirection. software, and keep the definitions up to date.
- Limit access to sensitive data to authorized personnel.
- Regularly check records, including employee lists and recent financial transactions.
- Look for new employees that Human Resources staff does not recognize, or for unauthorized transactions.
- Consider isolating the computers that perform banking and accounting functions. In small organizations, it may be feasible to use a separate laptop for these tasks. Larger organizations may be able to designate computers used to perform these tasks and apply stricter policies and access controls on those computers.
- Watch for suspicious behavior
Behavior / Behavioral Actions
Otherwise known as habits, behavior or behavioral actions are strategies to help prevent online exploitation that target behavior, such as social engineering of victims. Changing your behavior is the ONLY effective means to reduce or prevent scams. or activities from employees.
If you notice any problems, immediately contact the appropriate authorities. Depending on the circumstances, these authorities may include your IT department, your accounting department, and law enforcement.