A money mule, sometimes called a "smurfer", [1] is a person who transfers money acquired illegally, such as by theft or fraud. Money mules transfer funds in person, through a courier service, or electronically, on behalf of others. Typically, the mule is paid for services with a small part of the money transferred. Money mules are often recruited on-line under the guise of legitimate employment, not aware that the money they are transferring is the product of crime. Similar techniques are used to transfer merchandise illegally.
Commonly, mules are recruited with job advertisements for "payment processing agents", "money transfer agents", "local processors", and other similar titles; the real benefit to the criminals is not the work carried out by the mule, but that the criminals are distanced from the risky, visible transfer. Some money mules are recruited by an attractive member of the opposite sex. After deducting a relatively small payment for themselves, candidates are asked to accept funds and to forward them to a third party, via remote work. Legitimate companies use escrow services for this kind of work. [2] Mules recruited online are typically used to transfer the proceeds from online fraud, such as phishing scams, malware scams or scams [3] that operate around auction sites like eBay.
After money or merchandise has been stolen, the criminal employs a mule to transfer the money or goods, hiding the criminal's true identity and location from the victim of the crime and the authorities. [4] By using instant payment mechanisms such as Western Union, the mule allows the thief to transform a reversible and traceable transaction into an irreversible and untraceable one. [5]
If an innocent third party's bank details have been compromised, they can be used as a mule without their knowledge, something sometimes called "Cuckoo smurfing". [1]
Criminals trading in stolen or illegally acquired goods use similar tactics to recruit mules who receive packages and forward them to mail drops not traceable to the criminal. [6]
Bitcoin ATMs were reported by Brian Krebs in 2016 to be rising in popularity for money muling. [7]
Money mules are complicit and risk criminal prosecution [8] and long jail sentences.
In 2010, The FBI Cyber Crimes Task Force, composed of Federal, State, and Local law enforcement, charged more than 37 defendants involved in a highly organized money mule scheme, facilitated by the Zeus Financial Trojan. This group of money mules opened several bank accounts, using both real and fake identification, to receive stolen funds from compromised bank accounts, withdraw the stolen money, then wire the stolen funds overseas. These money mules facilitated the theft of over $3 million from victim bank accounts. [9]
Money laundering is the process of illegally concealing the origin of money obtained from illicit activities such as drug trafficking, underground sex work, terrorism, corruption, embezzlement, and gambling, and converting the funds into a seemingly legitimate source, usually through a front organization.
Bank fraud is the use of potentially illegal means to obtain money, assets, or other property owned or held by a financial institution, or to obtain money from depositors by fraudulently posing as a bank or other financial institution. In many instances, bank fraud is a criminal offence.
Internet fraud is a type of cybercrime fraud or deception which makes use of the Internet and could involve hiding of information or providing incorrect information for the purpose of tricking victims out of money, property, and inheritance. Internet fraud is not considered a single, distinctive crime but covers a range of illegal and illicit actions that are committed in cyberspace. It is differentiated from theft since, in this case, the victim voluntarily and knowingly provides the information, money or property to the perpetrator. It is also distinguished by the way it involves temporally and spatially separated offenders.
Cheque fraud or check fraud refers to a category of criminal acts that involve making the unlawful use of cheques in order to illegally acquire or borrow funds that do not exist within the account balance or account-holder's legal ownership. Most methods involve taking advantage of the float to draw out these funds. Specific kinds of cheque fraud include cheque kiting, where funds are deposited before the end of the float period to cover the fraud, and paper hanging, where the float offers the opportunity to write fraudulent cheques but the account is never replenished.
A cryptocurrency exchange, or a digital currency exchange (DCE), is a business that allows customers to trade cryptocurrencies or digital currencies for other assets, such as conventional fiat money or other digital currencies. Exchanges may accept credit card payments, wire transfers or other forms of payment in exchange for digital currencies or cryptocurrencies. A cryptocurrency exchange can be a market maker that typically takes the bid–ask spreads as a transaction commission for its service or, as a matching platform, simply charges fees.
Terrorism financing is the provision of funds or providing financial support to individual terrorists or non-state actors.
Virtual currency, or virtual money, is a digital currency that is largely unregulated, issued and usually controlled by its developers, and used and accepted electronically among the members of a specific virtual community. In 2014, the European Banking Authority defined virtual currency as "a digital representation of value that is neither issued by a central bank or a public authority, nor necessarily attached to a fiat currency but is accepted by natural or legal persons as a means of payment and can be transferred, stored or traded electronically." A digital currency issued by a central bank is referred to as a central bank digital currency.
Financial crime is crime committed against property, involving the unlawful conversion of the ownership of property to one's own personal use and benefit. Financial crimes may involve fraud ; theft; scams or confidence tricks; tax evasion; bribery; sedition; embezzlement; identity theft; money laundering; and forgery and counterfeiting, including the production of counterfeit money and consumer goods.
The parcel mule scam, also known as the reshipping scam, involves scammers and unsuspecting victims handling goods to other countries. In some ways it is similar to the money mule scam. Scammers use fake advertising to hire mules. Items are bought with stolen cards, and since the goods are typically re-sold once shipped, this scam can be viewed as an indirect form of money laundering.
Liberty Reserve was a Costa Rica-based centralized digital currency service that billed itself as the "oldest, safest and most popular payment processor, serving millions all around a world". The site had over one million users when it was shut down by the United States government. Prosecutors argued that due to lax security, alleged criminal activity largely went undetected, which ultimately led to them seizing the service.
A Bitcoin ATM is a kiosk that allows a person to purchase Bitcoin and other cryptocurrencies by using cash or debit card. Some Bitcoin ATMs offer bidirectional functionality, enabling both the purchase of Bitcoin and the sale of Bitcoin for cash. In some cases, Bitcoin ATM providers require users to have an existing account to transact on the machine.
A cryptocurrency tumbler or cryptocurrency mixing service is a service that mixes potentially identifiable or "tainted" cryptocurrency funds with others, so as to obscure the trail back to the fund's original source. This is usually done by pooling together source funds from multiple inputs for a large and random period of time, and then spitting them back out to destination addresses. As all the funds are lumped together and then distributed at random times, it is very difficult to trace exact coins. Tumblers have arisen to improve the anonymity of cryptocurrencies, usually bitcoin, since the digital currencies provide a public ledger of all transactions. Due to its goal of anonymity, tumblers have been used to money launder cryptocurrency.
United States virtual currency law is financial regulation as applied to transactions in virtual currency in the U.S. The Commodity Futures Trading Commission has regulated and may continue to regulate virtual currencies as commodities. The Securities and Exchange Commission also requires registration of any virtual currency traded in the U.S. if it is classified as a security and of any trading platform that meets its definition of an exchange.
Carding is a term of the trafficking and unauthorized use of credit cards. The stolen credit cards or credit card numbers are then used to buy prepaid gift cards to cover up the tracks. Activities also encompass exploitation of personal data, and money laundering techniques. Modern carding sites have been described as full-service commercial entities.
The Bangladesh Bank robbery, also known colloquially as the Bangladesh Bank cyber heist, was a theft that took place in February 2016. Thirty-five fraudulent instructions were issued by security hackers via the SWIFT network to illegally transfer close to US$1 billion from the Federal Reserve Bank of New York account belonging to Bangladesh Bank, the central bank of Bangladesh. Five of the thirty-five fraudulent instructions were successful in transferring US$101 million, with US$81 million traced to the Philippines and US$20 million to Sri Lanka. The Federal Reserve Bank of New York blocked the remaining thirty transactions, amounting to US$850 million, due to suspicions raised by a misspelled instruction. As of 2018, only around US$18 million of the US$81 million transferred to the Philippines has been recovered, and all the money transferred to Sri Lanka has since been recovered. Most of the money transferred to the Philippines went to four personal accounts, held by single individuals, and not to companies or corporations.
Alexander Vinnik is a Russian computer expert. From 2011 to 2017, he worked at BTC-e, a Russian cryptocurrency exchange.
Cryptocurrency and crime describe notable examples of cybercrime related to theft of cryptocurrencies and some methods or security vulnerabilities commonly exploited. Cryptojacking is a form of cybercrime specific to cryptocurrencies that have been used on websites to hijack a victim's resources and use them for hashing and mining cryptocurrency.
Ramon Olorunwa Abbas In Yoruba; Ramon Olorunwá Abbas,, commonly known as Hushpuppi, Hush, or Ray Hushpuppi is a Dubai-based Nigerian Instagram influencer, self-acclaimed real estate mogul, and convicted felon. He was sentenced in the United States to 11 years for conspiracy to launder money obtained from business email compromise frauds and other scams, including schemes that defrauded a US law firm out of approximately $40 million, illegally transferred $14.7 million from a foreign financial institution, and targeted to steal $124 million from an English Premier League club.
The Bitfinex cryptocurrency exchange was hacked in August 2016. 119,756 bitcoin, worth about US$72 million at the time, was stolen.
Jabber Zeus was a cybercriminal syndicate and associated Trojan horse created and run by hackers and money launderers based in Russia, the United Kingdom, and Ukraine. It was the second main iteration of the Zeus malware and racketeering enterprise, succeeding Zeus and preceding Gameover Zeus.