A recent investigation by the cyber cell in Pune has revealed a ₹4 crore online share trading fraud, uncovering a network of deceitful online trading applications, money mule accounts, and the utilization of cryptocurrency channels to channel funds to Hong Kong.
Although alarming, this disclosure is not an isolated occurrence, as similar instances have been noted previously.
The surge in mule account fraud in India has been highlighted in the ‘2024 Digital Banking Fraud Trends in India’ report by BioCatch, a leading digital fraud detection company.
Understanding mule account fraud
In essence, a mule account is a bank account that is fraudulently exploited by criminals to transfer unlawfully obtained money.
As elucidated by Dhiren V Dedhia, Head of Enterprise Solutions at CrossFraud, these individuals, termed as money mules, serve as conduits for transferring funds.
“In order to circumvent regulatory restrictions, fraudsters exploit mule accounts to funnel money through Indian payment instruments, including bank accounts, credit cards, and digital wallets,” Amit Relan, Co-Founder and CEO of mFilterIt, informed CNBC-TV18.
The account owner, known as a “money mule,” may not be aware of their involvement in illegal activities. They receive funds into their account and then transfer them elsewhere, complicating authorities’ efforts to trace the illicit transactions.
The modus operandi of fraudsters
Shikhar Aggarwal, Chairman of BLS E-Services, sheds light on the tactics used by fraudsters to coerce unsuspecting individuals into becoming money mules.
“Through electronic channels such as emails and social media, fraudsters lure victims with promises of lucrative incentives or commissions, thereby coercing them into facilitating illegal transactions,” he stated.
Vinod Nair, President of Noventiq India, emphasized the strategies employed by fraudsters, which range from phishing attacks and business email compromise to ransomware and internal fraud.
Phishing and spear phishing attacks: Scammers send emails or messages that appear legitimate, such as from a bank or known vendor, requesting sensitive information. Spear phishing targets specific individuals within an organization.
Business Email Compromise (BEC): Fraudsters hack or spoof company email accounts to impersonate executives, managers, or suppliers, instructing employees to transfer funds or send sensitive data.
Ransomware: Malware attacks infiltrate a business’s systems, encrypting files and data and demanding a ransom for decryption.
Invoice fraud: Scammers send fake invoices from regular suppliers with altered payment details, leading to financial loss when paid without verification.
Internal Fraud: Employees exploit access to confidential information or financial systems for personal gain.
The aftermath of fraudulent schemes
Armed with personal or financial data obtained from victims, fraudsters engage in various nefarious activities, from identity theft to unauthorized transactions and mule account fraud.
Mitigating the risks of mule account fraud
To counter the risks posed by mule account fraud, proactive measures are imperative.
Relan underscored the importance of vigilance in scrutinizing payment requests and avoiding engagement with dubious schemes.
“Stay clear of illicit or untrustworthy websites, particularly those related to gambling, gaming, or adult content. Be cautious of job offers involving money transfers or payments on behalf of others,” he advised CNBC-TV18.com.
Additionally, promptly reporting suspicious activities to relevant authorities is crucial in curbing mule account fraud proliferation.
Vishal Salvi, CEO at Quick Heal Technologies Limited, emphasized protecting one’s bank account from being ensnared in a mule account scam.
He stressed caution regarding unsolicited requests offering cash or transfers in exchange for a commission, as engaging in such activities could lead to severe legal consequences if caught.
In the event of a compromised account or suspicion of fraudulent activity, immediate action is crucial. Individuals should report incidents to their bank and law enforcement authorities to mitigate further risk and aid in the investigation.
