When there is fraud, there is a mule account; in fact, it is more important than botnets or phishing methods because what will hackers do with the bank credentials they have if they can’t use them? It is an important part in the fraud and the scammers will look for ways to recruit and also control the mules.

Today, the recruitment of mules is done on the Internet by scam. Scammers will send a bogus email about job searches saying the victim’s resume was reviewed and they are fit to work at home. Due to the fact that the economy is tough and it is an opportunity, the victims will take the bait. In the following email exchanges, the victim will sign false documents and receive instructions for their task. Sometimes mules will be told to accept funds from compromised accounts, to forward goods that are purchased with someone else’s credit card, or even to receive the money.

Soon, the scammers ran into a problem, when potential recruits asked about the company’s website. To fix the problem, the scammers even created their own website as the front page for their activities, and candidates can view the site and see job openings. They made it look like a legitimate company by listing current employees and their jobs; details about his work and others.

Online mule recruiting has changed the way scammers operate because they don’t need a physical presence in there in order to recruit potential mules. Since you are doing your recruiting online, you can further increase the number of mules to increase your earnings. It has become a challenge for many law enforcement agencies and incident response industry teams because the mules thought they had legitimate jobs. Sometimes even mules also become victims.

Sometimes there are places where online recruiting can become a problem, so scammers will still recruit mules in the real world. Sometimes these mules can be accomplices who know they are working with scammers and can open multiple bank accounts. Another type of mule is what the police call vacation or tourist mules; mules that move to another country and open accounts in certain banks for their operation.

In some ways, it is difficult for banks to prevent a mule from opening a bank account because mules can be just like any other normal person who is trying to open a bank account. However, it is still possible to identify a potential mule and stop it before it makes a mistake that it regrets. Since mules can be accomplices they are trained liars or unwitting victims who are too willing to make money. Identifying the first can be difficult, but the second is not.

Identifying unintentional mules can be a breeze by asking simple questions before they can open bank accounts. It is the same as the security control found in airports, where strange series of questions are asked; Questions that are not designed for liars but for certain individuals who were misled and placed in a particular situation.

For example, bank employees will ask the individual if someone else told them to open a bank account at this bank; or ask if the opening of this particular bank account is related to a particular job offer you received on the internet or even in real life. Or any other question that may raise the alarm of the bank, but that does not mean that the employee can really assess whether that person is a potential mule or not. In fact, the responses will be recorded and the opening of the bank account will be suspended until more results are available from the investigations conducted by the incident management or security team.

Basically, banks do not need to conduct additional special training for their employees, a simple information campaign on new procedures will suffice. Customer education isn’t that important at all, but it won’t hurt the bank if they try to give away flyers or post ads that explain the danger of mule scams. Instead, bank customers and the public will appreciate the information provided by banks and can help deter fraud in hiring more mules.

The International Council of Electronic Commerce Consultants (EC-Council) is a membership organization that certifies individuals in cybersecurity and electronic commerce. He is the owner and developer of 20 security certifications. EC-Council has trained over 90,000 security professionals and certified over 40,000 members. These certifications are recognized around the world and have been endorsed by various government agencies. They also offer training in response to incidents.