The cyber-underworld is highly specialized, with the malware authors and purveyors at one end, and the cash out fraudsters responsible for laundering loot from compromised accounts on the other end.
RSA, EMC’s security division, recently took a long look at another side of the cyber-crime business. Researchers focused on a reshipping operation dubbed “Air Parcel Express,” where scammers recruited people to serve as mules for merchandise bought with stolen credit card information. The credit card data is often taken via phishing, malware and other attacks.
The mules in such operations are typically hired through legitimate channels such as popular employment Websites. According to RSA, the mules in many cases are being duped themselves, and don’t even know what they are doing is illegal.
Once they are hired, the mules ship the goods overseas. When the scammers get it, they auction it off or sell it.
“In order to successfully purchase (‘card’) expensive merchandise with stolen payment cards and later sell for cash, fraudsters have to ensure that the mailing address matches the billing address,” according to RSA. “This obstacle is usually easily overcome by changing the billing address of compromised cards to the addresses of their hired, pre-assigned mules.”
“Another challenge for fraudsters in managing a successful reshipping operation is obtaining a seemingly innocuous ‘drop’ address where mules dwell,” the researchers explained. “The most effective way to overcome this challenge is to recruit and hire mules that live in the United States. The United States is a strategic location for fraudsters in which to base their reshipping scams as many major online merchants who sell popular high-value goods do not ship their items outside of that country.”
In addition to their analysis of the shipping operation, RSA included some good advice on how to recognize shady job opportunities and avoid getting roped into this sort of scheme.