[Cyber ​​Attacks] Internet money laundering is rampant, fraudulent methods emerge endlessly

▲ The Association for Global Banking, Financial Telecommunications (SWIFT) and the security company BAE Systems jointly released the "Follow the Money" report, hoping to awaken the global financial industry and increase its vigilance against cyber attacks and criminal tactics.

In recent years, global technology and network technology have developed rapidly, economic and commercial activities have become more efficient, and criminals have begun to understand loopholes and defraud money from them. The Association for Global Banking and Financial Telecommunications (SWIFT) and the security company BAE Systems jointly released the "Follow the Money" report, which analyzes the criminal methods of criminals, and brings inspiration to finance and global enterprises, and calls for active responses Prevent cyber attacks before they happen.

The East Asian region law looses the shell company as a cover

Brett Lancaster, director of SWIFT's customer security program, said that global financial institutions are facing increasing threats from cyberattacks, because criminals have more resources, escalating attack methods, and cleverly use untraceable money laundering methods to commit crimes.

It is hoped that the report can alert peers to share intelligence and information with each other, tighten due diligence requirements, and appropriately allocate resources to system maintenance and defense.

Simon Viney, head of BAE Systems' Cyber ​​Security Financial Services Department, also pointed out that it is estimated that the global annual losses suffered by cybercriminals will exceed 1.5 trillion US dollars. With the advancement of criminal technology, private and law enforcement agencies also need to cooperate with each other to increase their understanding and awareness of new money laundering technologies, so that criminals cannot be exploited.

The "Follow the Money" report mentioned how the funds were stolen and what happened after the theft. The report describes how criminals used a complex network of money mules, front companies, and virtual currencies to steal money from cyberattacks.

The analysis report pointed out that criminals often use shell companies to cover up, and cybercriminals also tend to use textile, clothing, fishery and seafood products companies as shell companies to confuse people and mobilize funds. The report pointed out that due to looser laws and regulations in some areas of East Asia, it is convenient for criminal groups to conduct money laundering and various illegal operations. Second, when money is defrauded, the experienced criminals will wisely avoid the attention of law enforcement agencies. However, some inexperienced criminals will immediately buy luxury goods and investment, and they will immediately attract the attention of law enforcement agencies, and they will eventually be arrested.

Invest in the drug market after stealing

In addition, the report also specifically pointed out that the recent money laundering strategy created by criminals can not only steal funds but avoid follow-up investigations. For example, cyber criminals will publish false job advertisements to recruit unsuspecting job seekers to act as money mules and be responsible for withdrawing funds. At the same time, criminals will also use internal personnel of financial institutions to prevent or undermine the compliance team from conducting user reviews (know-your-customer, KYC) and due diligence on new accounts. Subsequently, the criminals will convert the stolen funds into assets that can maintain their value and will not attract the attention of law enforcement agencies, such as jewelry or real estate.

Finally, as the final stage of money laundering by lawbreakers, after they steal money, they may seek to reinvest, especially in the illegal drug market, to increase criminal proceeds. The report points out that in Europe, more than one-third of organized criminal groups, including cybercriminals, are directly involved in the production or trafficking of illegal drugs and drugs. Many cybercriminals operate some hidden websites and dark web markets. These websites can provide illegal drugs, guns, malware, hacking tools, stolen financial information, payment cards and other commodity transactions. Under certain illegal market transactions, they can get bitcoins worth millions of dollars, and the returns are considerable.

▲ With the advancement of science and technology, criminals have begun to make good use of the characteristics of cryptocurrencies to assist in illegal money laundering. (AFP picture)

Criminals use cryptocurrency to launder money

The road is one foot high, the magic is high, and cyber crime has entered a new era. According to the "Follow the Money" report, Lazarus Group, a well-known cybercrime group, used to control East Asian facilitators to assist in money laundering by controlling the cryptocurrency funds stolen from exchanges. . The latter first used the new bank account associated with their foreign exchange account to transfer a portion of the funds and convert the stolen money from cryptocurrency to general legal tender. The other funds are transferred to Bitcoin and purchased prepaid gift cards to save more Bitcoin in the future.

The report pointed out that although the number of cases of money laundering through cryptocurrency is very small so far, there have been several major incidents involving millions of dollars, so it cannot be ignored. Digital transactions are attractive because they are conducted in a peer-to-peer manner, can circumvent the compliance and KYC checks performed by banks, and usually only require an email address to complete.