The Life of a Mule

By Deane Barker on July 14, 2005

Cybercrooks lure citizens into international crime: This an interesting article about how crooks are duping people into helping them use information they’ve phished for. We all understand how they get the credit card information from email scams, but this is a good look at what happens to it after that.

I used to invesitgate credit card fraud for a card issuer, and the easiest kind of fraud to perpetrate is over the phone or the mail — and now the Web. You just need the credit card number and expiration (and these days, the verification code from the back). You don’t need to manufacture a plastic, and there’s no stress of having to do anything face-to-face.

The problem, however, was where to mail the stuff without leaving a trail. You can’t really send it to your house. While the credit card issuer isn’t going to care too much because he’s going to charge it back to the merchant (see the comments of this post for a detailed explanation), that merchant may come calling. If you buy something from Best Buy online, maybe not, but when Phil’s House of Ming Vases takes a $10,000 chargeback, Phil and a couple of this friends are going to come knocking at the address where they sent the vase.

And now the crooks have moved overseas. This presents another problem — a lot of merchants won’t ship overseas for obvious reasons. Enter the mule.

The 16-line classified advertisement that appeared April 5 in The Union in Grass Valley beckoned like a life preserver: “Look at this! WORK at Home! Correspondence manager vacancies. MAIL PACKAGES from home without leaving your current job. Easy! Ship parcels from our clients. Get Paid $24 per parcel! Info:”

This guy took receipt of packages, then slapped new labels on them and sent them to Russia. The problem sounds obvious to you and I, but they’re recruiting thousands of people.

It turns out this guy won’t be arrested, because of his lack of criminal intent, but he explained how the guys in Russia tried to draw him into deeper waters when they asked for bank account information.

A few days later, on May 5, an unusual deposit of $4,358 was made into Karl’s checking account. The funds came from Chase. “It caught my eye because it was an electronic credit card transfer,” Shelton says. “That’s not something you see every day.”

[…] Via e-mail, the supervisor calling himself George Selembo instructed Karl to “please withdraw the whole amount” and send $4,011 via Western Union to Andrey Jaremchuk in St. Petersburg, Russia. Karl could keep the remainder as pay.

And just like that, he moved from reshipping mule to money launderer. These guys don’t play around.

That $4,500, it turns out, came from a bank loan officer in Des Moines:

Upon notifying Chase of the break-in, Sesker learned someone had not only changed his billing address, but also the date of birth and mother’s maiden name associated with his account. About a week after Chase approved the credit limit boost to $5,000, the bank next approved an electronic credit card transfer of $4,300 to a different account — the same kind of transfer that moved $4,358 from a Chase credit card account into Karl’s Bank of America checking account.

It’s a good article, as the USAToday follows the trail from fake Web site to stolen identity to email trail and onward.