Behind the Phish - Following the Money
Published on 17th July 2010 by Brett M. Christensen
I often publish articles that report on phishing scams
. My aim is to warn readers about the particular phishing scam described as well as to educate them about phishing in general. My goal is to give people the knowledge they require to recognize and safely deal with phishing scam emails. Obviously, it is much more desirable that a person avoid becoming victim to such scams in the first place rather than try to recover after a successful phishing attack.
That said, it is also useful to have some understanding of what happens after a victim's account has been compromised in a phishing scam. Let's explore a typical phishing scam in which the victim has received an email supposedly from his bank that asks him to urgently update his details. Our victim dutifully clicks a link in the scam email and enters his account number and password in order to login to what he believes is his bank's website. Of course, the site is actually a fake, and the submitted login details can be collected by criminals and used to access the victim's real bank account.
Depending on how much other personal information the victim supplied on the bogus site the scammers may also have enough to steal his identity outright. They can then pose as the victim, take out loans in his name, apply for credit cards, and trap him in a chaotic financial and legal situation that might take months or years to set right. However, the initial goal of the scammers is likely to be to get hold of funds in the compromised account, and it is this aspect that I'll be discussing here.
After the scammers have collected our victim's login details, they can easily access his account. However, this will do them no good unless they can somehow take possession of the money in the account without revealing their identity or current location. Since electronic funds transfers leave a clear trail, this is not as easy as it might seem. The scammers cannot simply transfer the funds to their own accounts because the authorities will be able to follow the money right to them. Instead, after shifting the money through various accounts to confuse the trail a little, the scammers may transfer it into the account of another kind of scam victim who has been tricked or coerced into participating in a money-laundering scheme
This victim has effectively become a money mule for the phishers. He may have answered an emailed "job advertisement" that asks him to accept funds into his bank account in exchange for a percentage of the money received. He is instructed to withdraw the received funds, minus the specified percentage, and forward it using an international cash transfer service. Thus, the scammer receives the stolen money as untraceable cash, and the electronic money trail stops at the hapless money mule.
If the phish is discovered quickly enough, the bank may manage to intercept the funds before they are "laundered", thus thwarting the scammers. Unfortunately, in many cases the victim may not immediately realize that he has been scammed. By the time the theft is discovered it could well be too late.
Although there have been some significant phishing related arrests, the global nature of phishing scams can make it difficult for law enforcement to identify and apprehend the criminals responsible. A phishing operation can traverse the globe. For example, the initial phishing email may have been sent, along with thousands of others, by a compromised zombie computer in Australia. The bogus website might reside on a server located in Asia. Our victim may be in California. The money mule may live in New York. And the scammer who finally collects the stolen money may be lurking somewhere in Europe.
The best protection against phishing? Make your computer as secure as possible, learn to recognize phishing and money laundering scam emails, and gain an understanding of how phishing scammers operate. The most effective defence against phishing and other scams is knowledge.
Phishing Scams - Anti-Phishing Information
Payment Transfer Job Scam Emails - Laundering Scams