In its simplest form, online banking fraud is a relatively straightforward process. Like all fraud chains, it can be split to main two parts: obtaining compromised credentials and cashout.
Obtaining victims’ credentials would typically include every element needed to login to the victim’s bank account (i.e. username, password, etc.). In order to acquire this information, a fraudster will set up a phishing or malware attack that will reach out to the intended victim via spam or a Trojan download. These attacks will then either get the victims to divulge their information or capture it from their machines. Once the information has been compromised, it is time to turn the data into money – by logging into the victim’s account and initiating a fraudulent transfer to a pre-obtained mule account. Upon receiving the funds (in case they do get through to the mule account and weren’t blocked en route), the mule cashes out the new funds from their bank account and sends the money to the fraudster (minus their share, of course).
Since the setup and skill set required for building a mule network are quite different from those required to for credential collection, most fraudsters focus on one specialty and meet in the underground to partner-up or trade services.
SOURCE: blogs.rsa.com
Most Commented Posts
2020 Cybersecurity Landscape: 100+ Experts’ Predictions
Cyber Security Predictions 2021: Experts’ Responses
Experts’ Responses: Cyber Security Predictions 2023
Data Privacy Protection Day (Thursday 28th) – Experts Comments
Experts Insight On US Pipeline Shut After Cyberattack
Most Active Commenters
Recent Comments
“Cybersecurity Awareness Month’s new evergreen theme "Secure Our World” is…
“Avoid storing data on personal devices: A crucial but often overlooked…
“I recommend a new nuance to passwords that isn’t often…
“In my role overseeing cloud environments and incident response, I'm…
“Cybersecurity Awareness Month serves as a reminder to confront the…