The annual Get Safe Online awareness week has begun with warnings made about mule recruitment.
What it calls a ‘sophisticated type of online fraud that could leave you with a frozen bank account and facing criminal charges' has grown significantly this year, where victims are innocently recruited and persuaded to share their bank details. They are then unwittingly used to launder the profits of the fraudsters' criminal activities.
The campaign claimed that at any given time, there are approximately 100 known mule recruitment sites targeting the UK, each of which may have lured in around 50 active mules. The risk is that by allowing their bank accounts to be used to receive and transfer illegal funds, mules are breaking the law – even if they don't realise it.
Rik Ferguson, senior security advisor at Trend Micro, welcomed the introduction of the week and claimed that with the launch attended by representatives from all areas of business, government and law enforcement, it was ‘great to see so many people taking an active part in combating online crime'.
Ferguson said: “The focus of the event this year is on the problems posed to individuals through the mule recruitment campaigns that are unknowingly responsible for funneling £39,000,000 over the past six months into the accounts of criminals.”
Ferguson pointed at a presentation at the launch by Andy Auld, intelligence manager at the Serious Organised Crime Agency (SOCA) e-crime unit. Auld claimed that law enforcement operations are ‘locked in an arms race' with organised online crime, and pointed to three factors that are driving and facilitating online crime - the increasing technical sophistication of attacks; huge improvements in sustaining the infrastructure (such as the call centres operated by rogue anti-virus scareware companies to reassure their victims that their malicious junk is genuine or the ‘bullet proof hosting' services offered to cybercrime); and cleverer social engineering techniques used to punt the attacks.
Commenting on telephone and voice-based services being offered in the underground economy, Ferguson said that it is a growth market. He said: “I have even seen seasoned fraudsters complaining that internet banking fraud is becoming ‘too much trouble' and that the future potential was in telephone-based fraud. So SOCA are right to be concerned about this increasing sophistication.
“Bullet proof hosting (where the company who provide hardware and internet connectivity to criminal operations) has been big business for a while now. While some bigger names such as McColo and Intercage get taken offline, there is always a host of smaller players waiting to fill the void as in this underground advertisement.”
Graham Cluley, senior technology consultant at Sophos, said: “The biggest shame about the Get Safe Online website is that it's not very well known. Indeed, the only people - in my experience - who know about it are journalists working in the security arena and computer security professionals themselves.
“That's not ideal - after all, what we really need is my Aunty Hilda to know all about how to protect her computer from malware, how to shop more safely online, and how to avoid those charming business opportunities which arrive from Nigeria.
“I hope the awareness week is successful in raising the profile of the site and safe computing practices amongst the general public. I think it would be great if the government put much more effort into educating the masses into how to surf safely online.”