Mule Accounts: A Modern-Day Gold Rush for Cybercriminals



Financial institutions continue to prioritize investment in digital banking to grow revenue and acquire new customers. The coronavirus pandemic accelerated that transformation, specifically around digital account opening. With access to physical branches restricted, digital account opening surged, with nearly two out of three checking accounts opened online or through a mobile device. Digital adoption has mostly come from demographic groups, such as boomers and seniors, who have traditionally been slower to embrace these channels.

On a different note, millennials and Gen Z are being increasingly targeted for money mule scams offered under the guise of online job advertisements. In a time of economic uncertainty, it is easy to lure victims struggling to find work into these scams. Cifas recently announced that more than 17,000 reports, or four in 10 cases of money mules, involved victims aged 21 to 30 last year.

An Environment Ripe for Fraud

So, why are money mules becoming a modern-day gold rush for cybercriminals? First, the economic climate brought on by the COVID-19 pandemic has enticed cybercriminals to step up their game. Global economic relief programs, such as unemployment benefits and government stimulus checks, were ripe for fraud because of open-door policies designed to distribute money fast to businesses and consumers. In the United States alone, it is estimated that more than $36 billion in improper payments were made to scammers. In the UK, up to £3.5 billion of unemployment payments were the result of fraud or error.

Second, technology has made it easier than ever for criminals to open new accounts using digital banking channels and bypass traditional KYC barriers. While mule recruitment is still popular and fraud-as-a-service business models provide the opportunity to “rent” mule accounts, it has become easier for cybercriminals to control their own mule networks by simply opening an account in someone else’s name and withdrawing the stolen funds.

Last, the lack of clear ownership and resources dedicated to continuous detection and monitoring for mule accounts has given cybercriminals the edge. Most financial institutions are not in the business of proactively identifying mule accounts unless it is painfully obvious. Mule detection is instead a reactive practice that moves up the priority list only when law enforcement or a regulatory agency becomes involved. Combine that with a lack of industry standards or best practices, and suddenly an ideal environment is born for mule accounts to flourish.

New digital banks or newly enhanced digital channels are particularly vulnerable to account opening attacks, with cybercriminals assuming these organizations do not have the right defenses to drive attacks away. This was confirmed after one digital bank launched an aggressive marketing campaign offering high interest rates to acquire new customers. The marketing campaign produced a significant number of new applications, but it wasn’t good news. The bank realized it was under an account opening attack in which cybercriminals were using the bank to create mule accounts that could be used to cash out funds from other compromised accounts. Behavioral biometrics played a key role in putting the brakes on this massive account opening attack.
 
What else is contributing to increased mule activity? Do you think mule detection will become a priority for financial institutions in the coming year? Join an upcoming session at RSA Conference featuring Trace Fooshee, Senior Analyst in Aite Group’s Fraud & AML, for a discussion on the scale and evolution of mule activity and what can be done to stop it.


Blogs posted to the RSAConference.com website are intended for educational purposes only and do not replace independent professional judgment. Statements of fact and opinions expressed are those of the blog author individually and, unless expressly stated to the contrary, are not the opinion or position of RSA Conference™, or any other co-sponsors. RSA Conference does not endorse or approve, and assumes no responsibility for, the content, accuracy or completeness of the information presented in this blog.

