14 account holders of Dutch bank ABN AMRO are being investigated by police for their complicity in a phishing scam which was targeted at users of ABN AMROs online banking services.
The cyber-fraudsters behind the scam set up a number of false ABN AMRO websites in which customers of the bank were encouraged to enter their account login details. These illegally obtained details were used by the fraudsters to access victims’ bank accounts and move victims’ money to the 14 account holders who were complicit in the scam, known as ‘cyber-mules’. This technique of inter-bank transfers is preferred by fraudsters because it arouses less suspicion.
It may be difficult for police to tell whether or not the customers accused of being complicit in the scam were, in fact, victims themselves. “It can be tricky to prove the deliberate involvement of the account holder as it’s quite easy for them to claim they’re simply the victim of identity theft,” says Mark Harris, global director of SophosLabs. If the accused were complicit in the scam, they will have been paid for their services. As such, police investigators will look for any unusual payments made to them.
Police have not yet revealed how much money was stolen by the fraudsters, whom it is understood may have some connection with the Russian Business Network, a group of recently shut down websites based in Russian and Ukraine which have been used in a number of cybercrimes.
As Harris points out: “The Dutch police have sent a strong message to cybercriminals of all kinds - any participation in this kind of illegal activity won’t be tolerated.”