Feeds

Estonian plasma TVs: Phishers fingered

419ers cleared on all counts

  • alert
  • submit to reddit

5 things you didn’t know about cloud backup

We were too quick to point the accusatory finger at Nigerian 419ers for the Estonian plasma TV job offer scam as discussed yesterday.

To recap: you receive a lovely email offering the chance to get involved in the Baltic flat screen market. To do this, you will be asked to transfer certain funds abroad and keep a percentage for yourself.

Seems straight forward enough, but what is really happening, is that you are being enticed to launder money stolen from accounts compromised by phishers. This scam is well-known to the Australians, as Daniel McNamara of www.codefish.net.au notes:

"Basically the main problem for the phishers targeting Australian bank accounts is a majority of Australian Internet Banking systems do not allow overseas transactions (mostly as prevention against these forms of fraud). So what happens is:

  • Phishers compromise a number of bank accounts through either traditional phishing or keylogger trojans.
  • Phishing have no way of directly extracting the money so they recruit people via these fake jobs to act as (unwitting) mules.
  • The mules are asked to have Australian bank accounts (normally within the same bank as the compromised accounts).
  • The phishers then transfer a large amount of money (normally just under $10,000 AUD as that what trips most banks security checks) from one of the compromised accounts to the mule's account
  • The mule is then asked to withdraw the money (minus a percentage which is normal 5-7 per cent for their "wage") and wire it directly to an overseas bank account (so essentially a direct deposit). Since wire transfers are normally anonymous and fast this works very well for the phishers. There have also been cases of people being asked to withdraw the money and hand it to someone here in Australia.
  • When the banks have the missing money brought to their attention the mule is left holding the bag as the that's really where the transaction trail ends."

We spoke to Jemma Smith of the UK's Association for Payment Clearing Services, who confirmed McNamara's scenario. She further explained that Australia was originally targeted by scammers because it was possible to transfer money out of the country online. This loophole was subsequently closed, meaning that phishers based abroad could not use stolen details to themselves move funds overseas. The solution was, as McNamara explains above, to find "mules" to do the dirty work for them. Hence the fake job offers.

Smith told us that, for a UK sting, these scammers will hope to find a willing accomplice who already has an account in the same bank as the phishing victim. Once the stolen funds have been transferred into the mule's account, her or she then forwards it to the scammers, often in cash and via money transfer.

The "audit trail" therefore ends at the mule - who is certain to receive a visit from the authorities, Smith said. Indeed, they are "liable for prosecution within the UK" - and pleading ignorance is unlikely to mitigate in their favour.

Thankfully, Smith confirmed that of the millions of phishing emails received across Britain, "only a handful" ever resulted in a positive for the scammers. As for the mules, Smith expressed surprise that anyone could fall for such a transparently dodgy offer, and concluded with the time-honoured: "If it looks too good to be true, then it is too good to be true." ®

Related stories

419ers plug into plasma TV market
Phishing attacks on the rise
eBay and PayPal go after auction fraudsters
Phishmongers target Lloyds TSB customers
NatWest warns of dodgy email
Phishing and viral tech combines in new menace
Gone Phishin'
Email scammers target Halifax, Nationwide, Citibank
NatWest customers targeted in phishing scam
UK banks and police proffer anti-phishing advice

Related sites

Another fake job offer as noted on Codefish
APACS press release outlining how to protect yourself against Internet fraudsters (PDF).

Secure remote control for conventional and virtual desktops

More from The Register

next story
One HUNDRED FAMOUS LADIES exposed NUDE online
Celebrity women victimised as Apple iCloud accounts reportedly popped
Rubbish WPS config sees WiFi router keys popped in seconds
Another day, another way in to your home router
Goog says patch⁵⁰ your Chrome
64-bit browser loads cat vids FIFTEEN PERCENT faster!
NZ Justice Minister scalped as hacker leaks emails
Grab your popcorn: Subterfuge and slur disrupts election run up
HP: NORKS' cyber spying efforts actually a credible cyberthreat
'Sophisticated' spies, DIY tech and a TROLL ARMY – report
NIST to sysadmins: clean up your SSH mess
Too many keys, too badly managed
Scratched PC-dispatch patch patched, hatched in batch rematch
Windows security update fixed after triggering blue screens (and screams) of death
Attack flogged through shiny-clicky social media buttons
66,000 users popped by malicious Flash fudging add-on
New Snowden leak: How NSA shared 850-billion-plus metadata records
'Federated search' spaffed info all over Five Eyes chums
prev story

Whitepapers

Endpoint data privacy in the cloud is easier than you think
Innovations in encryption and storage resolve issues of data privacy and key requirements for companies to look for in a solution.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Advanced data protection for your virtualized environments
Find a natural fit for optimizing protection for the often resource-constrained data protection process found in virtual environments.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.
Next gen security for virtualised datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.