The worsening economy appears to be helping computer crooks with one of their toughest tasks: tricking people into opening their homes and bank accounts and becoming "mules" for laundering money or stolen goods.
The scams themselves aren't new. They're pitched in spam e-mails as "work-at-home" jobs that promise excellent part-time money for helping companies pay clients in other countries. The victims are asked to open new bank accounts in their names, agree to accept anonymous payments into those accounts, and forward those payments by way of money transfer, usually to locations in Eastern Europe.
The scam is classic money laundering with an Internet twist. The money is generally real, and the middle man is promised a cut. What those middle men may not know is they're trafficking in ill-gotten gains and helping criminals pay each other while disguising the source. And the mules are often the ones at the greatest risk of arrest.
Savvy computer users usually identify this as a scam. But security researchers say more people are willing to take a risk on the come-ons as unemployment rises and the volume of the mule e-mails increases.
"When people are scared of a job going away, or they're worried about having money to pay bills, they might look at something like this in a different light than when things are rosy and great," said David Marcus, McAfee Inc.'s director of security research and communications.
The ads for these jobs are getting more convincing, but part of their allure is they are light enough on details that someone who wants to believe badly enough in easy money can convince themselves the messages are legitimate. The job titles offered in the spam generally include variants of "international sales representatives" or "shipping managers."
McAfee's annual "Virtual Criminology Report," which is set to be released Tuesday by the Internet security company, says 873 money-mule recruitment Web pages were detected in Britain in the first half of 2008, a 33% increase over the first half of 2007. That data was compiled by APACS, the United Kingdom's payment-industry trade group.
More evidence emerged from a recent study by Panda Security, a Spanish software vendor that found that job-related messages hit a new record of 0.31% of all spam in October, nearly triple the proportion from August. And the success rate in recruiting money mules rose to 1.8% in October, from 0.5% in August.
The company tracked those figures by partnering with another large security firm, which wasn't identified in its report, that was monitoring active mule networks. Panda Security looked at seven large money-mule operations in North America.
Computer attacks in general have sharply increased in the past few months.
IBM Corp. says the number of daily attacks it spotted against Web servers and computer networks increased 30% over the past four months, to more than 2.5 billion attempted incursions worldwide.
"Those are very scary numbers," said Gunter Ollmann, chief security researcher for IBM's X-Force security services team.