Data Derivatives

View Original

TREND ROUNDUP: CRIMINALS TURNING TO ONLINE RENTALS TO LAUNDER MONEY, SOCIAL MEDIA TO ENLIST YOUTH

Editor Note: This article originally appeared on The Association of Certified Financial Crimes Specialists (ACFCS) website on December 1, 2017.

Written by: Brian Monroe

In the last month, organized criminal groups, fraudsters and identity thieves have shown their creativity to launder money and monetize stolen credit card data, in some cases using online rental services to cleanse funds, while in others duping millennials into becoming “money mules” through sham social media job posts.

Early last month, in the aftermath of the Paul Manafort indictment, more than two dozen New York city and state lawmakers sent a letter to online home rental site, Airbnb, pressuring the company to identify and remove illegal listings on its site that could be used by thieves and criminals to launder money, according to the New York Daily News.

This week, The Daily Beast reported that illicit groups are using Russian crime forums to look for colluding hosts on Airbnb to launder cash from stolen credit cards, according to posts on underground forums and cybersecurity researchers. This adds a new wrinkle in the broader trend of using high end real estate in hot markets to legitimize sullied funds.

At the same time, United Kingdom fraud prevention group, Cifas, reported this week it is seeing a massive increase in criminal organizations attempting to use younger people, often referred to as millennials, to unwittingly move money on their behalf.

The analysis revealed a 75 percent increase in the “misuse of bank accounts involving 18 to 24-year-olds during the first nine months of 2017, compared to the same period last year,” according to the group. To read the full report, please click here.

The most common example of the increasing trend is when a person acts as a “money mule,” meaning they “allow their bank account to be used to facilitate the movement of criminal funds. Young people and students are particularly vulnerable as fraudsters know they are often short of cash.”

Criminals may approach them with what looks like a genuine job offer, asking them to receive money into their bank account and transfer it onto someone else, keeping some of the cash for themselves.

They can approach them through social media and online job postings.

Overall, there were 8,652 cases of “misuse of facility” cases amongst 18 to 24-year-olds between January and the end of September this year, according to the report. The 2017 figures also demonstrate a dramatic rise in money mule fraud over the last five years, with cases involving 18-24-year-olds more than doubling since 2013.

“Our new figures show that money muling amongst young people is on the rise,” said Simon Dukes, Chief Executive of Cifas, in a statement. “This is a serious issue that not only has consequences for the money mule, but for society as a whole. The criminals behind money mules often use the cash to fund major crime, like terrorism and people trafficking.” 

Airbnb’s Russian money laundering problem

The Daily Beast stated in its story it “found a number of recent posts on several Russian-language crime forums, in which users were looking for people to collaborate with to abuse Airbnb’s service.”

These operations typically work by relying on an individual or group using “legitimate or stolen Airbnb accounts to request bookings and make payments to their collaborating Airbnb host. The host then sends back a percentage of the profits, despite no one staying in the property,” or in some cases double books the property to make even more money.  

“The money is 50/50,” one apparent scammer wrote on a Russian crime forum in August, according to the Daily Beast. “You receive the money within two days after the booking date,” it continues, and adds that there are “story-telling hosts” ready, likely referring to hosts who are proactively participating in the money laundering scheme.

The issue of Airbnb money laundering came up in the Manafort indictment as part of his alleged strategies to launder tens of millions of dollars from he made from overseas activities. Prosecutors say he funneled nearly $3 million to buy a Manhattan apartment he said would be for personal use, but later rented on AirBnB.

For the many entities involved in a transaction for Airbnb – the company itself, a credit card company, merchant acquirer, payment processor and bank – it’s likely that the rental company is in the best position to see potentially fraudulent transactions that could be tied to money laundering, said Keith Furst, Founder of Data Derivatives, a boutique consulting firm focused on financial crimes technology.

The company “is the one accepting the credit card payments, so they should be the ones doing the screening,” he said, adding that they would be able to see what is happening with the host, such as if rental revenues are rising in a seasonally slow time, if an address is double booked, or if there are cards tied to the same IP address or even an IP address in Russia.

On the bank, credit card or merchant acquirer side, those entities would likely be the ones getting calls from irate customers saying that Airbnb has charged their credit cards, but they had never used the service or approved the charge, Furst said, adding that these groups should be looking for a higher rate of “charge backs” involving Airbnb.

“With a stolen credit card, there is a small window, a certain timeline the criminals have to act before the customer or bank shuts it down,” he said, adding that one of the reasons fraudsters would pick Airbnb is that it’s a large company used a lot by people across the world and would quickly accept and process the stolen credit card details.

That makes it harder for the company, banks or credit card companies to immediately realize something is amiss – putting the onus on the customers to better monitor themselves.

More information sharing needed

The scenario also illustrates gaps in information sharing across different entities, Furst said.

Although banks have Patriot Act Section 314(b) safe harbors to share information on customers suspected of money laundering and terrorism, it’s not as clear if, when and how banks, credit card companies and a private company like Airbnb, can share data to put all of the various puzzle pieces of a fraud like this together.

On the banking side, sniffing out that side of the fraud is a challenge, particularly if the institution didn’t know a customer was an Airbnb host.

If they did at least know that, they could get a hint of criminal wronging when, say, a person receives a batch of credit card transactions in larger amounts, and then immediately wires the money back to Russia or to anonymous shell companies in offshore secrecy havens, Furst said.

“The bank would only see the money going into the person’s account, but wouldn’t know it was from fraudulent credit cards” as it would probably just look like funds from Airbnb to a host.

“Online marketplaces such as Airbnb are attractive to money launderers for several reasons,” said Alison Jimenez, President of Tampa, Fl.-based Dynamic Securities Analytics, a consulting firm specializing in AML and financial services litigation issues.

“One factor money launders look for is the ability to conduct cross-border transactions,” she said. “Many online marketplaces facilitate legitimate cross-border transactions such as vacation home rentals that can be used as a cover for a criminal trying to remit illicit proceeds across borders.”

For instance, a criminal gang could smuggle fentanyl into the USA and then remit the proceeds back home via a fake “IT consulting gig” or via multiple fake home rentals run through a legitimate online marketplace, Jimenez said.

“Money launderers also look for the ability to lauder large sums of dollars at once,” she said. “Home rentals can cost several thousand dollars and serve as a quick way to cash out a stolen credit card if you have a corrupt or hacked host account on the other end.” 

She agrees with Furst that banks could be hard pressed to uncover the schemes, potentially having to be exceedingly creative.

“A financial institution that ultimately holds the account where the illicit proceeds land would need to follow KYC best practices,” Jimenez said. “One red flag could be a host that only receives payments but does not have normally associated costs like paying a cleaning service.”