Updated: Mar 12, 2021
Published: November 20, 2020 on our newsletter Security Fraud News & Alerts Newsletter.
If what a hacker does with a large pile of stolen cryptocurrency is the question, then laundering it, much like the way it’s done with illegal drug money and traditional financial heists, is the answer. Large-scale financial cybercrime, it seems, follows the roadmap that other more traditional financial crimes have used for decades to hide the haul. A recent report by SWIFT, a company that safeguards the global financial ecosystem, sheds light on the problem of large-scale money-laundering that stolen cryptocurrency creates. As cryptocurrencies and digital wallet thefts rise, reliance on old school laundering tactics also increase. Using money mules is highly dangerous and new payment tools like using prepaid cryptocurrency cards to clean the funds is an option.
The report finds threat groups, nation-state actors, and lone hackers see traditional money laundering as a better way to hide their stolen funds rather than using cryptocurrency. They see “old school” money-mules as the way to break the link between the crime and laundering the stolen e-currency. These mules can open front companies and bank accounts or sell drugs and use human trafficking to cover the tracks of the crime. With cyber bank theft, mules use stolen or create fake debit cards to use at ATMs. The money they fraudulently withdraw from ATMs and other compromised bank accounts is taken to currency exchanges for laundering.
Although SWIFT finds using cryptocurrencies to launder stolen funds is rare, some criminal groups are now choosing to blend the e-currency with large amounts of other funds, making it difficult for authorities to locate. Whatever method thieves choose to clean their hijacked cryptocurrency, SWIFT and government agencies are close on their trail to stop these and other funds from being laundered and integrated back into mainstream finance.
Keeping hackers away from financial theft to begin with should be a goal for any business. Threats like ransomware, which locks a company’s data and keeps it from being used, provides the bad guys with their profit from ransom payments. The FBI along with scores of cybersecurity experts warn enterprise never to pay the ransom as it only encourages more of the same attacks. However, there are precautions that can identify ransomware attempts and help prevent them from going forward.
Since targeting employees with phishing emails is the preferred method of infection, continuing education of staff about cybertheft methods can stop a ransomware attack before it starts. Also, regularly backing-up data gives a business the ability to restore it without having to pay a ransom. Data back-ups should be tested at intervals to ensure they work when needed and be kept out of reach of internet intruders. So, whether it’s cryptocurrency or cash money you need to protect, using tactics to keep cyberthieves away from doing their “job” is a great place to start.
Keep up to date: Sign up for our Fraud alerts and Updates newsletter
Want to schedule a conversation? Please email us at email@example.com