From the Finally Fast Security Desk:
Cash flow will be the main focus in cyber crime, as hackers try to expand and exploit new technologies.
According to Cisco’s recently released 2010 Annual Security Report, hackers are pursuing new avenues to sustain the financial aspects of cyber crime. The company conducted its study on the economics of cyber crime in its Return on Investment Matrix. Because many scams steal money, and cyber criminals need to find a way to hide that money without government or legal pressure, money muling has become a common trade on the web.
“When it comes to the success of [banking Trojans] like Zeus, the bottleneck is not getting a Trojan on people’s machines. There’s a surplus on that side quite frankly,” Scott Olechowski, manager of Cisco’s Threat Research Group, said. “The challenge that criminals are facing now is getting that money. That’s why [money] muling has really become one of the biggest bottlenecks in that type of crime.”
For muling, cyber criminals seek out individuals willing to deposit money stolen via online scams in their bank accounts, or even create entirely new accounts for cyber crime profits.
So far, this process has been unsuccessful, according to Olechowski. He said that most mules work only for a day, after which they are caught by law enforcement or ditched by their cyber criminal employer.
However, because the study predicts international spam and botnet scams will continue to generate substantial revenue for cyber crime organizations, money muling efforts are likely to change and become more sophisticated.
“Money muling is an area that we’re confident will be a really big area of investment for criminals this year,” Olechowski said.
Many have already begun, according to the report. Online offers targeting the unemployed, which are high in number in the U.S. since the onset of the economic recession in 2008, have recruited previously innocent web users into cyber criminals by association.
“The more sophisticated cash-out organizations act as legitimate financial services firms,” Cisco’s report explained. “Individuals who come in contact with these operations usually have no idea they are being recruited as money mules, and believe they are dealing with a recruiter for a legitimate company.”
According to the report, these ads go as far as providing legitimate titles, including “regional assistant” and “payment processor.” After complying with the job posting, unsuspecting web users are often apprehended by police and take the blame for a cyber criminal employer, who has already covered his tracks and evaded law enforcement.
Others have been more brash in their tactics. Earlier this month, two Vietnamese exchange students studying at Winona State University in Minnesota were arrested by federal agents for muling funds for a multi-million dollar eBay scam.
Protecting Your PC
No matter how the cyber criminal is getting their money, through muling or other tactics, its important to make sure that you are not losing money or information to Cyber crime. Products like Finally Fast, an Ascentive featured site, can help detect dangerous programs before consumers’ security is violated. As Scott Olechowski says “the bottleneck is not getting a Trojan on people’s machines,” so make sure you are making it hard for cyber criminal’s to get your information.