Where does the stolen money go?

145

Without a doubt, cybercrime is a very profitable business. It is difficult to estimate precisely, but it can be assumed that these amounts are in the billions of dollars, and possibly even hundreds of billions. There is no doubt that we are talking about huge sums, so we decided to take a look at what and how happens with the stolen money. In order to be able to trade such amounts, cybercriminals had to create an underground network of intermediaries or liaisons tasked with safely transferring cash from the victim’s account to the destination.

The first step in this process is to hack into the victim’s account and transfer the money. Once the attacker gains access to the victim’s account, it can act in two ways: either steal as much money as possible in one go, or make a series of smaller transactions that are unlikely to be noticed by special banking algorithms. If the offender is only interested in a one-time action, he or she will probably focus on one big transfer. However, if he does not want the entire process to be exposed quickly, he will likely use an intermediary to do so.

Such people are often recruited through advertising on sites such as OLX or Gumtree or in other places that tempt you with quick income without leaving your home. In fact, such people become money mules (also called poles). Let’s say that in a single tranche, a hacker transfers about USD 5,000 to a courier’s account. This person receives about USD 500 from this sum for their involvement, and then transfers the rest of the money to the account of the next person.

Many of these people are probably unaware that the money they use on their own account is being stolen. Unfortunately, in many cases it did not matter to prosecutors and judges – in the last few years, people who (even unknowingly!) Brokered bank frauds have been convicted of complicity. Of course, cybercriminals know this risk very well, which is why they sometimes use courier services in foreign countries, which are not able to effectively control and enforce the law in this area.

After repeatedly changing the recipient’s account, the victim’s money ends up on the account of the thief’s ally. Then comes the hardest part of the whole process: cash withdrawals.

This can be done in several ways. For example, an intermediary can buy valuable items such as smartphones or watches and then hand them over to cybercrime. Or he can sell them on eBay and donate cash. Another method is to buy gift cards on networks such as Walmart or Best Buy, thanks to which the thief can legally and confidently make purchases.

Sometimes it’s more complicated and sometimes less, but the effect is always the same: ultimately, the cybercriminal gets your money.