Money mule recruitment scam hits Irish inboxes

25 May 2010

A new email scam has been uncovered supposedly offering part-time work but which security experts say is most likely a recruiting campaign for money laundering or phishing frauds.

The scam has been flagged online in several European countries recently, including the UK, Italy and the Netherlands, and emails with similar wording have been found in Irish inboxes or spam folders over the past week.

The email purports to come from a Juliette Barnes, who claims to be a recruiting manager with NetTemps Inc (actually a legitimate US company with no ties to the scammers). The message goes on to offer “part-time and virtual office vacancies”, supposedly in sectors like advertising, education, engineering, finance, healthcare, IT, media, real estate and transportation.

There is no mention of money in the initial email, which just asks interested candidates to give their name and contact number. Straight away this should raise suspicions because the sender ought to have the recipient’s name from their email address anyway.

Warning signs

Another red flag is that while the sender introduces themselves by one name in the body of the message, the email address is usually something completely different. A quick check in the header information reveals that even this email address is itself a spoofed fake. Some of the emails have been traced to a server in Colombia, others to IP addresses in Russia.

At the IRISS (Irish Reporting and Information Security Service) cyber crime conference in Dublin last year, the head of the Garda’s computer crime unit spoke of the role of “money mules” in online scams.

Detective Inspector Paul Gillen, head of the Computer Crime Investigation Unit at the Garda Bureau of Fraud Investigation, said criminals try to recruit people based in Ireland to physically withdraw money from a phished or compromised bank account and then move it to a different account that can be accessed by the criminals, or more often, forward the cash by wire transfer to the account in another country.

In many cases, the “mules” are not aware they are taking part in a crime, and may believe that they are simply transferring money for the company that recruited them

We know about money mules because they have the most public role in the scam, which makes them the ones most likely to be caught, said Gillen. “The money mule is the first person to raise their head above the trench to have the back of their collar grabbed,” he said.

Online scammers are constantly coming up with new ways to hawk their wares. A legitimate antivirus discussion group on LinkedIn was recently infiltrated by someone masquerading as a student who was trying to sell fake AV tools and illegal cracked software.

By Gordon Smith

Gordon Smith was a contributor to Silicon Republic