In its simplest form, online banking fraud is a relatively straightforward process. Like all fraud chains, it can be split to main two parts: obtaining compromised credentials and cashout.
Obtaining victims’ credentials would typically include every element needed to login to the victim’s bank account (i.e. username, password, etc.). In order to acquire this information, a fraudster will set up a phishing or malware attack that will reach out to the intended victim via spam or a Trojan download. These attacks will then either get the victims to divulge their information or capture it from their machines. Once the information has been compromised, it is time to turn the data into money – by logging into the victim’s account and initiating a fraudulent transfer to a pre-obtained mule account. Upon receiving the funds (in case they do get through to the mule account and weren’t blocked en route), the mule cashes out the new funds from their bank account and sends the money to the fraudster (minus their share, of course).
Since the setup and skill set required for building a mule network are quite different from those required to for credential collection, most fraudsters focus on one specialty and meet in the underground to partner-up or trade services.
SOURCE: blogs.rsa.com
Most Commented Posts
2020 Cybersecurity Landscape: 100+ Experts’ Predictions
Cyber Security Predictions 2021: Experts’ Responses
Experts’ Responses: Cyber Security Predictions 2023
Celebrating Data Privacy Day – 28th January 2023
Data Privacy Protection Day (Thursday 28th) – Experts Comments
Most Active Commenters
Recent Comments
There are a number of commonly used verification tools out…
Phishing remains a relentless and highly effective cybersecurity threat. Despite…
Each year, Cybersecurity Awareness Month serves as a valuable reminder…
Chat systems such as Slack and Teams need to be…
“This is a sophisticated phishing scam that will catch out…