A growing concern of online users is the possibility of interception or exploitation of their personal information by fraudsters. For example, a user is liable to be tricked into providing personal information to a fraudster or to a bogus website, allowing the fraudster to perform online transactions.
Another type of fraudulent activity perpetrated online is the transfer of money obtained as a result of a scam. Fraudsters recruit people that have legitimate bank accounts (often called “mules”) to provide their account details for the purpose of carrying out a fraudulent transaction, during which money is transferred from the account of the victim (the person from the account of whom money is stolen) to this recruited legitimate bank account (often called a “mule account”, which receives fraudulent transfers of money).
Potential mules are recruited by various techniques such as by sending e-mails, via job search websites, and through Internet blogs. The potential mule is lured to provide his legitimate bank account details by a convincing fictitious story, whereby a sum of money is then received in the mule's bank account while the mule is offered a portion of the received money as commission. The mule is instructed to transfer the balance to another party, often resulting in a chain of fraudulent activity. For example, the mule knowingly or unknowingly acts as a channel (middleman) to perform fraudulent transfer of money and finally, the mule drafts the transferred amount (that actually was stolen from the victim) and delivers it to the fraudsters (e.g., by depositing it through remote clearance or cash delivery systems like Western Union). This way, it is harder to track fraudsters and incriminate them. This way, fraudsters can collect a plurality of legitimate accounts, which will be stored and then used as mule accounts for fraudulent activity, even though in most cases, if the fraudulent activity will be identified, the mule will be targeted by law enforcement authorities. However, it is hard to incriminate the mule that often claims that he was not aware of the fact that he has been used as a middleman for carrying out a fraudulent transaction.
When the victim's browser is infected with malware, the malware waits for the victim to log-in into his bank account and as soon as the victim completes the identification process and gets in, the malware can start acting within the relevant web-pages in the website of the bank.
Since the malware operations are invisible, as soon as the victim logs-in and is inside a legitimate web-page of the bank, the malware secretly opens an invisible IFrame (an element of a predetermined size and location on a web page that opens a transaction page on the bank's domain) in the current page, through which the malware forces the victim's browser to navigate to a new transaction page in the same website. The whole process is performed within this IFrame, which is invisible to the victim but is accessible to, and controlled by the malware.
It is therefore an object of the present invention to provide a method for detecting the fraudulent transfer of money from a victim's legitimate account to a mule account.
It is an additional object of the present invention to provide a method for identifying the beneficiary of the fraudulent transfer and to prevent additional fraudulent activities.
Other objects and advantages of the invention will become apparent as the description proceeds.