The Business of Fraud: Drops and Mules — Insikt Group Research

The Business of Fraud: Drops and Mules

May 11, 2021 • Insikt Group®

Insikt Group

Editor’s Note: The following post is an excerpt of a full report. To read the entire analysis, click here to download the report as a PDF.

Recorded Future analyzed current data from the Recorded Future® Platform, as well as dark web and open-source intelligence (OSINT) sources, to review bank drops and mules that facilitate nefarious activities by threat actors. This report expands upon findings addressed in “The Business of Fraud: An Overview of How Cybercrime Gets Monetized. It will be of most interest to anti-fraud and network defenders, security researchers, and executives charged with security and fraud risk management and mitigation.

Executive Summary

“Mules”, individuals who transfer money or other goods on behalf of others, are a crucial component to the success of financial crimes, particularly money laundering for capital earned through illegal means such as drugs, fraud, or human trafficking. Typically, the threat actor will make contact with the victim or advertise their operations through social media platforms, job or dating websites, and underground forums. The criminal will entice the victim with a lucrative weekly salary such as a percentage of the money that passes through their personal account. These various platforms are also a way in which complicit mules who are familiar with the business can advertise their services for potential jobs. We have identified threat actors targeting potential money mule victims through a multitude of scams on English, Russian, Spanish, and Portuguese forums and channels. 

Mules are usually supported by a network of “drop” services, which have infrastructure in place such as warehouses, vehicles, fake IDs, and more to coordinate the logistics of handling the dirty money or fraudulent goods that mules transfer. These services are essential for further obfuscating the origin and destination of the money and goods.

Key Judgments

  • Mules are used, knowingly or unknowingly, to launder money for various forms of criminal operations.
  • The use of money mules has grown and is expected to grow substantially. In 2020 US law enforcement agencies took action against over 2,300 money mules, far surpassing 2019’s efforts, which acted against around 600 money mules.
  • Though advantageous for criminals, reshipping and money laundering scams can result in serious consequences for the mules. As accomplices to fraud, the mules often end up losing money, sometimes suffer personal harm, and can even be pursued by federal and local law enforcement.
  • Demand has grown for mules, in particular money mules, in Latin America. Recorded Future has identified Portuguese- and Spanish-speaking threat actors consistently advertising the need for bank drop associates.

Editor’s Note: This post was an excerpt of a full report. To read the entire analysis, click here to download the report as a PDF.

New call-to-action

Related Posts

Threat Activity Group RedFoxtrot Linked to China’s PLA Unit 69010; Targets Bordering Asian Countries

Threat Activity Group RedFoxtrot Linked to China’s PLA Unit 69010; Targets Bordering Asian Countries

June 16, 2021 • Insikt Group®

Editor’s Note: The following post is an excerpt of a full report To read the entire analysis,...

Threats to Asian Communities in North America, Europe, and Oceania

Threats to Asian Communities in North America, Europe, and Oceania

June 2, 2021 • Insikt Group®

Editor’s Note: The following post is an excerpt of a full report To read the entire analysis,...

Who is DarkSide—The Group Behind the Colonial Pipeline Breach?

Who is DarkSide—The Group Behind the Colonial Pipeline Breach?

May 26, 2021 • Gemini Advisory

Editor’s Note: The following post is an excerpt of a full report by Gemini Advisory To read the...