Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.
Security Response

Dirty Jobs: Cybermule

Created: 22 Apr 2010 12:47:50 GMT • Updated: 23 Jan 2014 18:28:07 GMT
Ben Nahorney's picture
+1 1 Vote
Login to vote

In this day and age we’re all aware of the threat cybercriminals pose to our personal information. If you’re not careful, items such as your credit card number could fall into the wrong hands, resulting in unauthorized goods and services being purchased in your name. What may come as a surprise is not everyone participating in these activities is a full-blown cybercrimial. Some are ordinary citizens—just like you and me—that unintentionally get caught up in illegal activity.

How does this happen? Let’s say you’ve recently lost your job and are desperate to find new work. So, you post your resume on a job recruitment website. A short time later you receive an email from a recruiter:

Acme Inc. is opening a vacancy for the Correspondence Manager position.

What luck—the job is done entirely from home, receiving and reshipping packages. It’s easy work that pays quite well:

Base Payment Mail handling managers receive $1000 salary per month and additionally $25 for every shipped package during the trial period.

It sounds too good to be true, right? Well, it is. The job, should you accept it, actually entails redistributing goods purchased online with stolen credit cards. Congratulations, you’re a cybermule.

So how does the process work? We’ve put together a short video that covers this:

It’s a common enough ruse, exposing the new “worker” to criminal liability. These mules essentially mask the real criminals, garnering little benefit for themselves. At the very least, the riches promised in this line of work often never materialize, wasting any time or money the cybermule invested in it.

It’s not a new scam, but it is common enough for both the US Federal Trade Commission and Federal Bureau of Investigation to issue recent warnings. Symantec has also released the latest Internet Security Threat Report, which touches on this scheme as well as other trends seen in the last year.