National KE-CIRT/CC Cybersecurity Best Practice Guide of The Week




In This Issue:

*        Money mule












Who are Money Mules?

Money Mules are people who consciously or innocently serve as intermediaries to move stolen/illegal money using their bank account(s) on behalf of criminals/fraudsters.

How Does it Happen?

*  The criminal will get in touch with the victim via email, instant messaging apps, job website, blogs or even phone calls.

*  They will convince the victim into providing their bank account details with either an attractive job, commissions or by seeking sympathy.

*  The Fraudsters will transfer an amount into the victims account.

*  Then the victim is asked to withdraw the amount and transfer them using payment transfer services like Western Union to an account, usually in another country where criminals can then withdraw it and cash out that transaction, while allowing them to retain small amount as commission.

*  Since this process obscures the identity of the criminal, when such incidents are reported, the money mule becomes the target of police investigations, due to their involvement and just like fraudsters, are guilty of illegally transporting fraudulently gained money and can be prosecuted for this.

How to Protect Yourself

*  Never respond to calls or emails asking for bank account details, unless you are sure of who the person behind is.  Sometimes it might seem to be from bank or from your friends but might not be the case, always verify. 

*  Before you apply for any jobs online always verify the identity and contact details of employing company. Verify their identity by contacting related national organization if those are located overseas.

*  Don’t be lured by “too good to be true offers”. Listed are few of frequently used words: work from home, easy earning, no qualification requirement, no experience, work less, earn more, while few others look very genuine.

*  Report any such incidents to the National KE-CIRT/CC.

Have the above security tips in mind when operating your computer systems. Report any cybercrime incident/activity

to /