Check fraudsters target job seekers with slick money mule cash checking offer
Posted on | July 28, 2010 | add a comment
LAS VEGAS — A slick, new e-mail scam is putting well-intentioned job seekers at risk of losing $3,000 — and being arrested for check fraud, an investigator revealed at the Black Hat security conference Wednesday.
A cybercriminal gang based in Russia is sending e-mail directly to thousands of job seekers who’ve posted resumes on popular job websites, according to Joe Stewart a senior researcher at SecureWorks.
The job offer: the recruit can earn more than $300 for cashing a commercial business check, made out to him or her, and wiring the proceeds to a contact in St. Petersburg, Russia.
If the person agrees, a professionally printed business check arrives the next day by a shipping service. To earn the $300, the victim is required to cash the check and execute the wire transfer within 24 hours.
Stewart has discovered digital images of some $9 million worth of high-quality fake checks, each in amounts of slightly less than $3,000, written against some 1,200 business accounts. Many of the accounts are for contractors who often pay individual subcontractors with such checks.
The checks are so good because the cyber gang hacked into the databases of three firms that archive images of legit commercial business checks.
The criminals downloaded all the images they could find, grabbing bank routing numbers, names and addresses and even signatures of legitimate account holders. They used the information to create their own checks using easy-to-acquire software and printers.
“Presumably this scam has been working because they’ve been doing it for at lest a year and they wouldn’t be doing it this long if it were not making them money,” says Stewart.
SecureWorks says it is working with the FBI and says the hackers have not been caught.
The Internet-based check kiting scheme underscores how creative and efficient cybercrooks have become. Multi-stage attacks that combine stolen data and social engineering trickery are being refined to pilfer from individuals and businesses in novel ways.
“Cybercriminals are learning business patience,†says Paul Ducklin, technology director at antivirus company Sophos. “They do research, acquire different pieces, put them together for specific purposes, take risks, and then profit handsomely.â€
Networking gear maker Cisco Systems issued a report Wednesday detailing how malicious software programs continued to highly saturate the Internet in the second quarter, ending June 30.
And Verizon Business reported that 85% of cyberattacks in 2009 were not technically difficult. “The criminal is not going to want to work harder than they have to,†says Wade Baker, Verizon director of risk intelligence. “It’s really a reflection of them choosing easy targets to knock off.â€
By Byron Acohido