FraudAction intelligence researchers have engaged a fraudster in an online chat, in which he offered a cashout method for compromised bank accounts by abusing the Azimo and Small World money transfer apps. During the transfer, the mule account would be concealed behind a special one-time bank account that these apps provide for single transfers, serving as an account in the middle.
- A compromised bank account
- A mule account linked to an Azimo or Small World account
- Download and open one of Azimo or Small World apps.
- Fill in the form with the transfer details.
- In the checkout, select ‘Bank Transfer’, and you will be given a special bank account number just for the specific transfer.
- Make a regular bank transfer from the compromised account to this special account.
- The money will be forwarded to the mule account.
The following conversation with a fraudster details how they leverage this method using legitimate apps:
As we know, fraudsters are always looking for new cashout methods and often abuse legitimate services to do so. Mitigation lies in awareness of the phenomenon and fine-tuning threat detection in your organization regarding the use of third party online money transfer services such as the apps mentioned in this report.