Get Smart about Business Spending
Phishing, e-mail money laundering scams on the rise
As the economy worsens and more people get laid off, online fraud and financial scams are rising, security experts say.
Many of the scams lure people in with promises of quick and easy money. For instance, there has been a marked increase in money mule recruitment scams for people to transfer funds online between countries, and other illegal work-related spam in recent months, security firm Panda said on Thursday. Such offers promise $225 or more a day for what they call "rebate processing" work at home.
"The schemes are aimed at people who are desperate in rough times and who are likely to respond as they lose jobs," Ryan Sherstobitoff, chief corporate evangelist at Panda.
While the U.S. unemployment rate increased by over 6 percent between August and October, reaching a 14-year high of 6.5 percent, dubious work recruitment scams rose 514 percent over that same period, according to statistics from the Honeypot Project, a security-focused research group.
Those types of recruitment spam hit an all-time high as a percentage of total spam, topping 0.31 percent, up from 0.23 percent the previous month and 0.13 percent in August, according to PandaLabs, the malware analysis laboratory of Panda.
Meanwhile, the success rate for the money mule operations in North America was on average 66 percent higher than the success rates of such scams in other regions, said PandaLabs, which analyzed a sample population of seven large mule networks around the world. Recipients respond to about one in three of the money mule e-mails, Sherstobitoff said.
This is an example of a money mule laundering e-mail, the type of which has risen along with the U.S. unemployment rate, PandaLabs says.
(Credit: PandaLabs)In the money mule scams, e-mails offer jobs as independent contractors and commissions for processing rebates that are supposedly from purchases made at legitimate companies. "Applicants" are asked to provide their bank account information and are then instructed to wire money that is deposited into their accounts to drop boxes via Western Union, said Sherstobitoff.
Rather than processing actual rebates, the operation is designed to launder stolen money from one country into another through legitimate bank accounts, he said. The "contractor" may or may not receive a small sum in exchange, but it won't be enough to make up for the risk posed by participating in an illegal scheme, he said.
Also believed to be related to the economic downturn is a spike in phishing attempts, whereby fraudsters lure people into providing sensitive bank and personal information on malicious Web sites that appear to be legitimate bank sites. The phishing e-mails lately have been made to look like they come from banks that have been involved in mergers, such as Chase and Washington Mutual, and are preying on bank customers who may be confused.
Over the last month there has been a significant increase in phishing attacks, or malicious Web sites discovered that victims are directed to via e-mail, according to security firm Cyveillance.
The daily average number of phishing attacks detected has risen from 400 or fewer in the first quarter of 2008 to more than 1,750 in the past month, the firm said. On one day the number of attacks spiked to greater than 13,000, said Cyveillance, which helps commercial customers get phishing sites taken down.
It is unknown how many people are actually falling for the phishing scams and losing money, said James Brooks, director of product management at Cyveillance.
The attacks are easy to do once e-mail addresses are obtained, and the risk of getting caught is incredibly small while the payoff can be huge, he said.
"Phishers are getting rich and are very organized," Brooks said. Meanwhile, "no one is going to jail over it."
Firefox and Internet Explorer have built-in features that warn Web surfers when a site they are visiting is potentially harmful, and Google has a Firefox extension that alerts people when a page appears to be requesting personal or financial information under false pretenses.
"None of these (technologies) is foolproof, but they're a step in the right direction," Brooks said.
Elinor Mills covers Internet security and privacy. She joined CNET News in 2005 after working as a foreign correspondent for Reuters in Portugal and writing for The Industry Standard, the IDG News Service, and the Associated Press. E-mail Elinor. 
1. People who are stupid enough to fall for these scams and "get-rich-quick" schemes don't deserve to keep their jobs. =P
2. Scammers and spammers are the ones who should get caught and severely punished, not casual music piraters. If the scams somehow involved the RIAA...they'd be sought out and fined outrageous sums of money, as a lesson to others like them. *sigh*
- by mary2sue October 21, 2009 3:34 PM PDT
- I dont know how to report a money laundering scam but I do want to put the word out there about the company called design concepts. The lady "Jane Lucas" tried to offer me job after she got my resume off of careerbuilder.com. She offered me 4000 per month to open a business bank account and make transfers. I never started it because I had a lawyer take a look at it and she said it doesnt sound good. But I am so UPSET! I am a college senior looking for a job and she said I would be a entry level financial manager. I cant believe she was really going to take advantage of me like that! Her number is 347 756 4003. SHE IS A LIAR! And I am sure that is not her real name! I am so glad I didnt fall for it. but there are many who many get sucked into it. I want the goverment to do something and block these people. I wish I could call someone to report it but I dont know who to turn to! Watch out! her email is jane.m.lucas@hotmail.com I want her to get caught by the authorities because what they are doing is WRONG! I am just starting to get out in the real world and this is what i have to watch out for this is crazy! I dont know who to trust anymore
- Like this Reply to this comment
-
(5 Comments)