Following my previous "Keeping Money Mule Recruiters on a Short Leash" and "Standardizing the Money Mule Recruitment Process" posts, the campaigners behind the previously exposed money-mule recruitment domains looking for "payment processing assistant", are now also looking for "mailing assistants" to reship the fraudulently purchased items using stolen financial data.
What happens once they standardize the practice? The network of reshipping mules ends up as as a web-based command and control interface, allowing the customers of the mule recruitment syndicate to easily monitor the activity regarding their fraudulently purchased goods. In both of these models, the single most evident benefit for the cybercriminal remains the risk-forwarding of the entire process to the unknowingly participating in the cybercrime ecosystem employee.
Some of the new and currently active reshipping mule recruitment brands include - Total River Goods, Fargo River Goods, Irish River Goods and Parcel Alliance. Here's how they describe themselves:
After many years of development and testing, in 2008 we released our online shipping service. With the new online service Total River Goods is true virtual mail service. We are constantly adding to our services ensuring that we will stay the market leader. Please feel free to contact us if you have any questions or comments. Unlike many other online organizations, we have a goal to reply to all queries within 24 to 48 hours, including business days and weekends."
totalrivergoods .com - 220.127.116.11 - Email: email@example.com - used in money-mule recruitment domain registration
fargorivergoods .com - 18.104.22.168 - Email: firstname.lastname@example.org
parcelalliance .com - 22.214.171.124 - email@example.com
irishrivergoods .com - 126.96.36.199 - Email: MarcusStraker909@gmail.com - used in money-mule recruitment domain registration
Thanks to Derek from aa419.org for the ping.
Keeping Money Mule Recruiters on a Short Leash
Standardizing the Money Mule Recruitment Process
Money Mule Recruiters use ASProx's Fast Fluxing Services
Money Mules Syndicate Actively Recruiting Since 2002
Inside a Money Laundering Group's Spamming Operations
This post has been reproduced from Dancho Danchev's blog.