A security researcher has discovered a Russian cyber crime gang that uses botnets to steal and print millions of dollars' worth of false invoices. The gang then recruits money mules to cash the counterfeit checks.
The scam, which is highly automated, begins with the infiltration of online check archiving and verification services, which often store vast records of previously cashed checks. It then goes through job websites to find email addresses of people looking for employment and sends a personalized message offering a position doing financial transactions, according to Joe Stewart, director of malware research for SecureWorks. The scammers then use stolen financial information to make close replicas of checks.
“They’re able to utilize this high-tech botnet to go out there, get the shipping labels, print them and pay for them with stolen credit cards,” Stewart said. “That’s the cleverness of it. So much of it is reliant on 21st century botnet technology to carry out what’s an old-school kind of crime.”
The cyber criminals managed to breach sites used by merchants to prevent check fraud and use them to create the fake checks.
“They’re actually abusing anti-fraud systems in order to commit fraud,” Stewart said. “The systems that are designed to prevent check fraud are actually being used to help the bad guys commit check fraud.”
He claims that when he approached several of the money mules, they told him that many of the checks didn’t go through.