 |
 |
|
|
|
"Money Mule" attacks involve exploiting the valid
online banking credentials of small- and medium-businesses and stealing money via the
illegal transfer of funds. In a typical scenario, the targeted entity receives a
“spear phishing” email which may contain an infected attachment or a link to an infected
website. When the attachment is opened or the website is visited, malware is installed
on the recipient’s computer that attempts to steal valid login information. The victims
in this scheme are called “Money Mules” because they serve as a conduit between the
business bank account and the hacker’s bank account.
“Spear phishing” emails target
a group with something in common, like small- and medium-businesses. The emails contain all
sorts of urgent and legitimate-sounding offers to entice the recipient to open the attachment
or go to the infected website.
Here are some tips from the FBI to avoid being a victim
of a “Money Mule” attack:
- Keep in mind that most companies will not request personal information via email.
If in doubt, give them a call (but don’t use the phone number contained in the email).
- Use a “phishing” filter – many of the latest web browsers have them built in or offer
them as plug-ins.
- Keep browsers up-to-date and use the latest released version available.
- Use anti-virus software and keep the software up-to-date.
- Never follow a link to a secure site from an email – always enter the URL manually.
- Don’t be fooled (especially today) by the latest scams. Visit the Internet
Crime
Complaint Center (IC3) and
"LooksTooGoodToBeTrue" websites for tips and
information.
|
 |
|
|
