The cyber world is a place of great surprises and traps. Ignore one signal – avoid one warning – disaster is guaranteed. So many types of crimes occur in the cyber space that it has become nearly impossible for security agencies and police to keep track of them – let alone the common citizens. Shelf life of cyber crime is said to be typically 3 months. This means that in the short duration of 3 months the entire concept, procedures, techniques and commission of cyber offences change. In such a scenario it become all that more challenging for police to keep their officers trained and primed to tackle such crimes. How often can they train and retrain their personnel to keep them up to date and “battle ready”?
In the same manner how often can a common citizen be kept aware regarding the types and modus operandi of the ever changing world of cyber crimes? Not all the time and not definitely every 3 months. The result is that there is an ever existing and worryingly ever widening gap between public awareness and the activities of cyber criminals. This gap often leads to citizens getting trapped in cyber offences, often knowingly!!
One such offence is called the offence of money muleing. This can be better illustrated using an offence that occurred a short while back in Delhi. A small local businessman received an email from an African Nation that he had run into serious luck and had won their country’s official lottery. The amount that the person being targeted had won was a whopping `10 Crores! The man was bemused to say the least because he knew that such Phishing techniques are used to draw citizens into the net and then some form of crime is committed on them. But being adventurous by nature he decided to have some fun. He read the whole email and in the email it was mentioned that the account number should be sent so that the winning amount of 10 Crore may be transferred.
The adventurous victim-to-be thought that with only the account number in possession, no cyber swindler can take out money from his account. So even though he knew about this lottery based phishing attacks, he decided to send his account number, just to see what the fraudsters would do next. He took a big risk and that too knowingly – a risk that was destined to land him in great trouble in the time to come. He least expected but after a couple of days, lo and behold `5 Lakhs was transferred into his account. He couldn’t believe his luck and what had happened. He was so stunned and numbed that he started thinking in the wrong direction. That is exactly what the cyber fraudsters wanted. The victim started really feeling that he was so wrong – he felt that he had run into some serious luck and that too unknowingly. He soon received another email! This one stated clearly that the first installment of money had been transferred, but if the victim wanted the rest he would have to deposit 3 Crore with the senders so that the Tax of their nation (which was 30%) amount would be settled and then the rest of the amount would be duly transferred.
The poor entrapped victim was now trapped hook, line and sinker. He said that he did not have the huge amount of 3 Crore with him so he was unable to send. Soon another email came to him which sympathized with the fact that he was not expected to have such a large amount just lying around. So a formula was suggested. They said that we have sent the first installment of 5 Lakhs – now the victim should send them 10 Lakhs. Then they will transfer 15 Lakhs and the victim can send back 10 Lakhs – then they will send 50 Lakhs and the victim will send back 20 Lakhs and so on and so forth. This way the victim will get his 10 Crore and the sender will get the tax of 3 Crore. This was an ingenious ploy and a masterstroke. The victim saw the logic in the argument and proceeded to borrow 5 Lakhs from his friends and acquaintances and added the 5 lakhs already sent to him and transferred the entire amount to the account details that were provided. That signaled the end of the communication with him and try as much as he could he never got any future reply from the fraudsters.
Having fallen into an open trap and that too knowingly – the victim was in a real dilemma regarding his next step. As he had borrowed a large sum he could not report the fraud with him to the police – fearing a backlash from his lenders. Still contemplating his next step, he was in for another rude shock. One morning Hyderabad police came knocking at his door. As soon as he opened the door he was arrested. He cried out that he himself was the victim of a heinous cyber crime, then why was he being arrested. He was duly informed that the original 5 Lakhs that had been sent to his account had been defrauded from another victim in Hyderabad who had been given this Delhi businessman’s account details to transfer the funds being defrauded from him. Thus the “know all” Delhi victim was in a way receiver of stolen property. He had not told anyone that he had got any money, not even clarified from his bank regarding the source of the money transferred to him. All the while he was thinking of his brilliant luck and unexpected windfall. He had played into the hands of the tricksters and had even transferred this stolen property (nay money) abroad, beyond the borders of India.
Thus the poor man had become victim of the classic cyber offence of money muleing. He was victim of a crime and also an offender in another, all at the same time. Thus the cyber world is a real tricky place and if some security knowledge exists – put it to good use and practice. Do not try to be a tad too clever and outsmart the cyber thugs. They are shadowy and highly deceitful characters – they will outsmart you one way or the other, if you engage them. So keep alert, keep aware and keep away!
