Feeds

Estonian plasma TVs: Phishers fingered

419ers cleared on all counts

  • alert
  • submit to reddit

Secure remote control for conventional and virtual desktops

We were too quick to point the accusatory finger at Nigerian 419ers for the Estonian plasma TV job offer scam as discussed yesterday.

To recap: you receive a lovely email offering the chance to get involved in the Baltic flat screen market. To do this, you will be asked to transfer certain funds abroad and keep a percentage for yourself.

Seems straight forward enough, but what is really happening, is that you are being enticed to launder money stolen from accounts compromised by phishers. This scam is well-known to the Australians, as Daniel McNamara of www.codefish.net.au notes:

"Basically the main problem for the phishers targeting Australian bank accounts is a majority of Australian Internet Banking systems do not allow overseas transactions (mostly as prevention against these forms of fraud). So what happens is:

  • Phishers compromise a number of bank accounts through either traditional phishing or keylogger trojans.
  • Phishing have no way of directly extracting the money so they recruit people via these fake jobs to act as (unwitting) mules.
  • The mules are asked to have Australian bank accounts (normally within the same bank as the compromised accounts).
  • The phishers then transfer a large amount of money (normally just under $10,000 AUD as that what trips most banks security checks) from one of the compromised accounts to the mule's account
  • The mule is then asked to withdraw the money (minus a percentage which is normal 5-7 per cent for their "wage") and wire it directly to an overseas bank account (so essentially a direct deposit). Since wire transfers are normally anonymous and fast this works very well for the phishers. There have also been cases of people being asked to withdraw the money and hand it to someone here in Australia.
  • When the banks have the missing money brought to their attention the mule is left holding the bag as the that's really where the transaction trail ends."

We spoke to Jemma Smith of the UK's Association for Payment Clearing Services, who confirmed McNamara's scenario. She further explained that Australia was originally targeted by scammers because it was possible to transfer money out of the country online. This loophole was subsequently closed, meaning that phishers based abroad could not use stolen details to themselves move funds overseas. The solution was, as McNamara explains above, to find "mules" to do the dirty work for them. Hence the fake job offers.

Smith told us that, for a UK sting, these scammers will hope to find a willing accomplice who already has an account in the same bank as the phishing victim. Once the stolen funds have been transferred into the mule's account, her or she then forwards it to the scammers, often in cash and via money transfer.

The "audit trail" therefore ends at the mule - who is certain to receive a visit from the authorities, Smith said. Indeed, they are "liable for prosecution within the UK" - and pleading ignorance is unlikely to mitigate in their favour.

Thankfully, Smith confirmed that of the millions of phishing emails received across Britain, "only a handful" ever resulted in a positive for the scammers. As for the mules, Smith expressed surprise that anyone could fall for such a transparently dodgy offer, and concluded with the time-honoured: "If it looks too good to be true, then it is too good to be true." ®

Related stories

419ers plug into plasma TV market
Phishing attacks on the rise
eBay and PayPal go after auction fraudsters
Phishmongers target Lloyds TSB customers
NatWest warns of dodgy email
Phishing and viral tech combines in new menace
Gone Phishin'
Email scammers target Halifax, Nationwide, Citibank
NatWest customers targeted in phishing scam
UK banks and police proffer anti-phishing advice

Related sites

Another fake job offer as noted on Codefish
APACS press release outlining how to protect yourself against Internet fraudsters (PDF).

New hybrid storage solutions

More from The Register

next story
Google recommends pronounceable passwords
Super Chrome goes into battle with Mr Mxyzptlk
Infosec geniuses hack a Canon PRINTER and install DOOM
Internet of Stuff securo-cockups strike yet again
'Speargun' program is fantasy, says cable operator
We just might notice if you cut our cables
Snowden, Dotcom, throw bombs into NZ election campaign
Claim of tapped undersea cable refuted by Kiwi PM as Kim claims extradition plot
Reddit wipes clean leaked celeb nudie pics, tells users to zip it
Now we've had all THAT TRAFFIC, we 'deplore' this theft
Apple Pay is a tidy payday for Apple with 0.15% cut, sources say
Cupertino slurps 15 cents from every $100 purchase
YouTube, Amazon and Yahoo! caught in malvertising mess
Cisco says 'Kyle and Stan' attack is spreading through compromised ad networks
TorrentLocker unpicked: Crypto coding shocker defeats extortionists
Lousy XOR opens door into which victims can shove a foot
prev story

Whitepapers

Secure remote control for conventional and virtual desktops
Balancing user privacy and privileged access, in accordance with compliance frameworks and legislation. Evaluating any potential remote control choice.
Saudi Petroleum chooses Tegile storage solution
A storage solution that addresses company growth and performance for business-critical applications of caseware archive and search along with other key operational systems.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.