A coronavirus money mule is a person that transferred money to cybercriminals for fake funds. One such money launderers is Vasty Health Care Foundation. It claimed to be a non-profit organization with branches in Nebraska and Quebec in Canada. In this article at KrebsonSecurity, Brian Krebs reveals how hackers make you a coronavirus money mule without your realizing it.
A Legitimate Coronavirus Money Mule
vastyhealthcarefoundation[.]com got registration just a few weeks ago. To prove their legitimacy, the hackers also vetted the link through The Better Business Bureau and Guidestar sites. The problem is, these links go back to GlobalGiving, a real non-profit organization. What’s more, Vasty has also copied their content to appear genuine for the potential money mules.
GlobalGiving chief product officer Kevin Conroy reported that several jobseekers were approaching them. The scammers hacked into employer accounts of popular recruiting sites like Monster.com and Hotjobs.com. They uploaded work-from-home job offers on Indeed.com and Monster.com. Next, they singled out freelancers and job seekers.
How the Scammers Got Their Mules
Vasty seems to be hiring anyone that is applying for the job. In the congratulatory email, they give unnecessary menial tasks. For instance, they make you visit local medical stores to find out the prices of face masks and sanitizers. The process is to assess if you are good enough to become their coronavirus money mule.
When you successfully deliver the reports, they inform that someone donated to help Coronavirus victims. You need to create a Bitcoin wallet account or use the QR code that Vasty has sent. 3,000 CAD is sent electronically to your bank account. You keep 150 CAD and withdraw the rest of the cash. Next, you deposit the money in a Bitcoin ATM and scan the QR code with your mobile phone. Unknowingly, you helped the hackers in transferring illegal funds to their Bitcoin wallet.
The recruiting manager of Vasty also warns victims not to divulge information regarding the transactions. The excerpt of one of the emails that Hold Security, a Milwaukee-based firm, captured:
“I strongly recommend that you not divulge the rest of the instructions for paying for medicines against coronavirus so as not to aggravate panic among the population.”
The security firm seized several such emails between the scammers and the money mules. Nonetheless, none of the affected responded to their requests for a comment. Founder Alex Holden confirms that cybercriminals are also targeting U.S. jobseekers. If you are getting emails with over-the-top job offers, the money launderers might be behind it.
To view the original article, visit the following link: https://krebsonsecurity.com/2020/03/coronavirus-widens-the-money-mule-pool/#more-50869