Accounting for 55 per cent of all fraud in India, third-party bank account takeover represents a bigger slice of the fraud pie than social engineering scams, according to the findings from the report '2024 Digital Banking Fraud Trends in India' by BioCatch, a leader in digital fraud detection powered by behavioural biometric intelligence.
How do fraudsters scam you?
Phishing and smishing attacks are the most effective methods of third-party fraud: users click on links they believe to be genuine and enter their details or credentials.
For example: The victim receives an email or phone call posing as their bank to inform them that KYC checks are required on their account. By clicking a link, the victim ends up on a phishing website where they input their details, including bank credentials, or, worse, download malware that directly steals their credentials from the bank website/mobile app as the victim logs in.
What do fraudsters do next?
Once the fraudster has a victim’s credentials, they can access that individual’s bank account freely, conducting transactions often without restrictions. Their main objective is to execute payments, but fraudsters also take out loans and cash them out. "With the exponential rise in UPI, we’re also seeing fraudulent payments on this platform – although these tend to be low in value (50% of reported frauds via UPI are below Rs 10,000)," noted the report.
Mule accounts on the rise
There is a concerning bump in mule accounts used in these frauds, according to the report. Mule accounts are owned by people who are duped by fraudsters into laundering stolen/illegal money via their bank accounts. When such incidents are reported, the "money mule" becomes the target of investigations due to their involvement. A recent notable case in Bengaluru involved the arrest of individuals operating 126 mule accounts linked to various cybercrimes across India, highlighting the scale and complexity of the issue.
Preliminary analysis of one of these cases showed the fraudsters used a device shared among four other reported mule accounts. This can be common among mule networks that operate many accounts on a large scale.
"In India, mule accounts are being opened by legitimate Indian nationals who are selling off the use of the accounts (the “Accomplice” persona). This makes the account harder to detect at onboarding," noted the report.
"Every device found to participate in mule activity in India logged into an average of 35 accounts each," it added.
At least Rs 18 million is known to have passed through some of these mule accounts, reported BioCatch.
How money mules work
Spotting a Money Mule Scam
Here are a few tips that BioCatch recommends to avoid mule scams:
Unexpected Contact: Treat unexpected communications, especially those offering lucrative, effortless jobs, with skepticism.
Vague Job Descriptions: Be wary of job offers with ambiguous descriptions and responsibilities, particularly if money transfers are involved.
Rushed Process: Scammers often pressure you into making swift decisions, such as hurriedly confirming your identity or claiming a reward. Pause and scrutinize the demands carefully.
Unusual Payment Methods: If you're solicited to use unconventional payment methods, such as gift cards or virtual currency, be very cautious.
Fraudsters are likely accessing Indian mule accounts from outside the country
"While 86 per cent of the first session of documented mule account activity came from within India, after a month, that number fell to just 20 per cent and 16 per cent of those sessions used a virtual private network (VPN)," the findings showed.
The findings come on the heels of a recommendation by the Reserve Bank of India (RBI) that financial institutions in that country abandon text-based one-time-passcodes as a method of secure authentication.
“The existing OTP-based authentication doesn't protect customers against new-age frauds, including customer-initiated fraudulent transactions,” counter-fraud expert and former Head of Group Fraud Risk and Investigations at First Abu Dhabi Bank Charanjeet S. Bhatia said in response to the RBI recommendation. “With the right technology and implementations, banks can do a lot more than what they are currently doing to protect customers.”
BioCatch customers saw more mule activity (14 per cent of the total) in Bhubaneswar than anywhere else in the country.
Lucknow and Navi Mumbai accounted for 3.4 per cent of recorded mule activity, two cities in West Bengal - Bhagabatipur and Gobindapur - 1.7 per cent and 2.6 per cent, respectively, Mumbai 2.2 per cent, Bengaluru 1.8 per cent, and Cuttack 1.6 per cent, said the report.
At one partner bank in the country, BioCatch found nine out of every 10 mule accounts went undetected.
"The prevalence of mule accounts potentially represents the most under-the-radar trend in the entire fraud space," said Tom Peacock, BioCatch’s director of global fraud intelligence.
BioCatch's report underscores the urgency with which Indian banks must bolster their fraud defences.
“The fraud threats we see in India are a mix of both common threats seen globally and unique threats we find only in this region,” said BioCatch’s APAC Vice President of Sales Richard Booth.
“All around the world, we’re seeing explosive growth in mule activity, fraud attacks, and scams that grow more sophisticated by the day. To combat this onslaught of fraud and financial crime, BioCatch continues to believe that banking and financial institutions need as much intelligence on the criminals, their tactics, and their fraud arsenals as possible.”