<p>Bengaluru: A 19-year-old engineering student’s life in north Bengaluru turned into a nightmare after he learnt that the bank account and associated credentials and details shared with his friend were misused by cybercriminals to launder Rs 7 crore of crime proceeds. </p>.<p>This is not an isolated case. </p>.<p>At least after 2023, cybercrimes in Bengaluru rose sharply. The following year, cybercrime victims in the state capital lost Rs 1,995 crore, the largest sum lost to date. At the same time, cybercrime investigators trying to trace the money trail found a crucial cog in the cybercrime wheel: mule account networks. </p>.<p>According to sources in Karnataka’s Cyber Command Centre (CCC), this is a well-oiled machine spread across the state. In many cases, cybercriminals abroad handle these networks, while in other cases, it is the local agents. </p>.Karnataka cyber command arrests 68 ‘mule herders’, uncovers Rs 85 crore scam network.<p>“In the case of the 19-year-old, his bank account was unwillingly used. But in some cases, people knowingly hand over their KYC details to local agents or ‘mule account herders’, who pay them a measly sum or a commission of 5-10% based on the transaction and open multiple accounts using those KYC details,” says a senior Karnataka police officer. </p>.<p>Once set up, these accounts are either sold or rented online: in many cases, the sales happen through word of mouth. These accounts are also sold on online marketplaces – both on the surface web and the dark web — to cybercriminals who will buy the whole set: the bank account, the ATM cards, passbooks, cheque books, net banking credentials, linked SIM cards, etc. </p>.<p>This will enable the cybercriminals to have full control over the account, while investigators who dig through them will find they are actually registered in the name of some random person in some remote village or town.</p>.<p>Investigators say that these networks have risen in a sophisticated manner for new-age modus operandi like digital arrest and investment frauds, also known as “pig butchering” scams, leading to each of these crimes having more than five or 10 layers in the laundering process. </p>.<p><strong>Layered transfers</strong></p>.<p>Once the network is up and running with hundreds of mule accounts, the crime proceeds are layered by systematically funnelling them through these multiple bank accounts. They are then handled by “mule account handlers/ operators” appointed by the cybercriminals for a commission and, in some cases, as a work-from-home opportunity. </p>.<p>These accounts are linked to shell companies or small businesses, many of which dissolve shortly after the laundering process. The proceeds can also flow into online money-based games and task-based fraud, disguising the stolen money as genuine payouts. </p>.<p>In the final stage, after passing through several of these layers, the crime proceeds are converted into cryptocurrency, withdrawn as cash via ATMs or cheque, used to purchase luxury assets, etc. Majorly, the end is cryptocurrency before it is handed over to the kingpins in China and Southeast Asia, cybercrime investigations have revealed. </p>.<p><strong>Systematic effort</strong></p>.<p>Cyber Command sources believe a concentrated effort is required to systematically dismantle these networks. </p>.<p>“When cybercrime cases – those damaging financially – blew up, the then approach was only recovering the money, leading to the case dying. In some cases, maybe 10%, some more investigation was done, and some local agents or foot soldiers were picked up as suspects,” says a senior cybercrime investigator in Bengaluru. </p>.<p>“After the Cyber Command Centre was established, the approach has changed to dismantling the mule account networks. Once the network is dismantled, the cybercriminals will have no other way to park, transmit and launder the crime proceeds. If the retailer or the herder of these mule accounts is hit, it will also affect the cybercriminals in cahoots with them currently and prevent fraud in the future. This is the main aim of the recent drive to dismantle mule accounts in Karnataka by the Cyber Command Centre.”</p>.<p>The investigators may also take a different approach towards the owners or the KYC holders of these mule accounts. </p>.<p>“Technically, they are complicit. But we need to look at the practicality. There can be hundred mule account owners in a single fraud, and thousands of cases are registered every year. Is it better to make them as accused, burdening the courts with prolonged trials, or make them as witnesses against the main accused? It will have to be looked at by the police investigator and those overseeing the specific cases,” opined a cybercrime investigator in Bengaluru.</p>
<p>Bengaluru: A 19-year-old engineering student’s life in north Bengaluru turned into a nightmare after he learnt that the bank account and associated credentials and details shared with his friend were misused by cybercriminals to launder Rs 7 crore of crime proceeds. </p>.<p>This is not an isolated case. </p>.<p>At least after 2023, cybercrimes in Bengaluru rose sharply. The following year, cybercrime victims in the state capital lost Rs 1,995 crore, the largest sum lost to date. At the same time, cybercrime investigators trying to trace the money trail found a crucial cog in the cybercrime wheel: mule account networks. </p>.<p>According to sources in Karnataka’s Cyber Command Centre (CCC), this is a well-oiled machine spread across the state. In many cases, cybercriminals abroad handle these networks, while in other cases, it is the local agents. </p>.Karnataka cyber command arrests 68 ‘mule herders’, uncovers Rs 85 crore scam network.<p>“In the case of the 19-year-old, his bank account was unwillingly used. But in some cases, people knowingly hand over their KYC details to local agents or ‘mule account herders’, who pay them a measly sum or a commission of 5-10% based on the transaction and open multiple accounts using those KYC details,” says a senior Karnataka police officer. </p>.<p>Once set up, these accounts are either sold or rented online: in many cases, the sales happen through word of mouth. These accounts are also sold on online marketplaces – both on the surface web and the dark web — to cybercriminals who will buy the whole set: the bank account, the ATM cards, passbooks, cheque books, net banking credentials, linked SIM cards, etc. </p>.<p>This will enable the cybercriminals to have full control over the account, while investigators who dig through them will find they are actually registered in the name of some random person in some remote village or town.</p>.<p>Investigators say that these networks have risen in a sophisticated manner for new-age modus operandi like digital arrest and investment frauds, also known as “pig butchering” scams, leading to each of these crimes having more than five or 10 layers in the laundering process. </p>.<p><strong>Layered transfers</strong></p>.<p>Once the network is up and running with hundreds of mule accounts, the crime proceeds are layered by systematically funnelling them through these multiple bank accounts. They are then handled by “mule account handlers/ operators” appointed by the cybercriminals for a commission and, in some cases, as a work-from-home opportunity. </p>.<p>These accounts are linked to shell companies or small businesses, many of which dissolve shortly after the laundering process. The proceeds can also flow into online money-based games and task-based fraud, disguising the stolen money as genuine payouts. </p>.<p>In the final stage, after passing through several of these layers, the crime proceeds are converted into cryptocurrency, withdrawn as cash via ATMs or cheque, used to purchase luxury assets, etc. Majorly, the end is cryptocurrency before it is handed over to the kingpins in China and Southeast Asia, cybercrime investigations have revealed. </p>.<p><strong>Systematic effort</strong></p>.<p>Cyber Command sources believe a concentrated effort is required to systematically dismantle these networks. </p>.<p>“When cybercrime cases – those damaging financially – blew up, the then approach was only recovering the money, leading to the case dying. In some cases, maybe 10%, some more investigation was done, and some local agents or foot soldiers were picked up as suspects,” says a senior cybercrime investigator in Bengaluru. </p>.<p>“After the Cyber Command Centre was established, the approach has changed to dismantling the mule account networks. Once the network is dismantled, the cybercriminals will have no other way to park, transmit and launder the crime proceeds. If the retailer or the herder of these mule accounts is hit, it will also affect the cybercriminals in cahoots with them currently and prevent fraud in the future. This is the main aim of the recent drive to dismantle mule accounts in Karnataka by the Cyber Command Centre.”</p>.<p>The investigators may also take a different approach towards the owners or the KYC holders of these mule accounts. </p>.<p>“Technically, they are complicit. But we need to look at the practicality. There can be hundred mule account owners in a single fraud, and thousands of cases are registered every year. Is it better to make them as accused, burdening the courts with prolonged trials, or make them as witnesses against the main accused? It will have to be looked at by the police investigator and those overseeing the specific cases,” opined a cybercrime investigator in Bengaluru.</p>
