Scammers use DocuSign API to send fraudulent invoices
CFOs, beware: cybercriminals are exploiting DocuSign’s legitimate business tools to deliver fraudulent invoices directly through trusted channels. This scheme is particularly dangerous …
Sydney’s Botany Bay. Once the destination for notorious convicts. But by 2021, a new type of criminal could be found wondering the shoreline: the ‘money mule’.
When the Australian Federal Police (AFP) arrested a 27-year-old Brighton-Le-Sands man for alleged complicity in a money mule network, an often-overlooked fact was revealed. Although online scams often originate in far-away places like Nigeria, they require a local presence on the ground in Australia to succeed.
In this blog, we’ll explore the nature of international Business Email Compromise (BEC) attacks, how they rely on a global network of money mules to carry out their scams, and what you can do to avoid becoming a victim.
Organisations are beginning to wake up to the threat posed by BEC attacks.
According to the Australian Cyber Security Centre, 4,255 cases of BEC attacks were reported through the ReportCyber tool in financial year 2019-2020. With reported losses totalling over $142 million, it’s not surprising that Australian organisations are more attuned to the threat than ever before.
There are a number of reasons why this type of fraud is increasingly prevalent. As organisations strengthen their security controls, penetrating a network or application is harder than ever, requiring greater skills and more time.
Additionally, with banks unable to verify an Account Name against a BSB and Account Number, fraudsters understand that a verification gap exists when organisations are processing Electronic Funds Transfer (EFT) payments. This gap cannot be easily closed. Its existence provides fraudsters the opportunity to deceive Accounts Payable (AP) staff into transferring funds to an account under their control. Knowing that AP staff are often under time-constraints, and mostly unaware that malicious actors are using sophisticated tactics in an attempt to deceive them, fraudsters have realised that human error is the easiest pathway for them to profit.
But life for international fraudsters isn’t that easy. To carry out their crimes, they need a local bank account into which the proceeds of their crime can be deposited. That’s where the local money mule steps in.
Although many organisations are waking up to the threat posed by BEC attacks, what’s often less understood is the extent to which these scams originate in distant parts of the world.
Studies show that only 2% of BEC attackers are located in the Asia-Pacific region, with about half this number located in Australia. The evidence points to the fact that a tiny percentage of the world’s BEC actors are located in Australia. Despite this, Australian organisations are among the most targeted in BEC attacks.
What this indicates is that most of the BEC attacks seeking to defraud Australian organisations are actually being carried out by overseas-based actors.
The same study shows that 60% of all BEC attacks worldwide are carried-out by fraudsters located in Africa, with the overwhelming majority based in Nigeria.
The fact that BEC attackers are located in distant lands represents both a challenge and an opportunity. The challenge is that tracking down the final destination of stolen funds is almost impossible, thereby preventing the recovery of the funds. The opportunity for local law-enforcement is that international fraudsters can’t easily carry out BEC attacks without a local assistant on the ground here in Australia.
Any international fraudster looking to carry out a BEC attack against an Australian organisation faces one major hurdle: the need for a local bank account into which the defrauded funds can be deposited.
A Nigeria-based fraudster wouldn’t be very successful if they attempted to convince the accounts team in an Australian organisation to pay an invoice into a Nigerian bank account. You’d hope that any accounts person would realise something dodgy was taking place.
In order to successfully deceive Australian AP teams, a fraudster needs access to a local bank account into which stolen funds can be deposited. But that is easier said than done. Banks are obliged to conduct due diligence into new account holders, including the collection of Government-issued ID. Any whiff of crime, and the account would be immediately shut down.
That’s where money mules come in.
A money mule is simply a local person that has a pre-existing Australian bank account. For a fee, they agree for funds to be deposited into their bank account, before transferring them on to another account. Often, they are totally unaware that the funds are actually the proceeds of crime and that they have been duped into being criminal accomplices.
The Australian Federal Police (AFP) is warning that they’ve detected a sharp rise in money mule scams since the start of the pandemic.
In many cases, overseas-based fraudsters seek to deceive disadvantaged Australians into accepting work as the ‘local representative’ of an international company. The unwitting victim thinks they are being paid a fee to undertake legitimate invoicing work. This usually involves them receiving funds into their local bank account before sending it offshore via wire transfer or converting the funds into cryptocurrency.
Using a legitimate Australian bank account is essential as it:
Fraudsters typically target those facing economic hardship, including the unemployed, students and recent migrants.
It’s essential to realise that money mules, even unwitting ones, may be found complicit in serious crimes and can face prosecution.
Even though most BEC attackers are based overseas, don’t assume they will be using a foreign bank account in carrying out their crimes. In all likelihood, they will have access to a local Australian bank account, making it even harder for your AP team to identify an attempt to defraud your organisation.
With eftsure, you will be able to verify bank account details against our database of nearly 2 million Australian organisations in real-time. This means that when it comes to paying an invoice, you can verify that the bank account details in your systems match those used by others when paying the same supplier.
This gives you confidence that you are paying the legitimate recipient of the funds.
Contact us today for a no obligation demonstration of the many ways eftsure can help your organisation stay safe.
CFOs, beware: cybercriminals are exploiting DocuSign’s legitimate business tools to deliver fraudulent invoices directly through trusted channels. This scheme is particularly dangerous …
Because LinkedIn is used as a professional networking platform, account holders don’t use the same caution as they would on Facebook or …
Fraud can strike any time, but certain periods increase your business’s vulnerability to fraudulent activities. During these times, your teams may be …
Eftsure provides continuous control monitoring to protect your eft payments. Our multi-factor verification approach protects your organisation from financial loss due to cybercrime, fraud and error.