Money mule activity, long associated primarily with money laundering, now fuels a wide range of scams, including identity fraud, payment fraud, and organized financial crime. Mule accounts allow criminals to receive stolen funds and quickly move money across financial institutions, distancing themselves from the original crime.
Too often, mule activity is dismissed as legitimate because siloed teams and organizations each view the customer through a narrow lens. In the Money Mules: The Fraud-Laundering Connection report, Jennifer Pitt, Senior Analyst of Fraud Management at Javelin Strategy & Research, examines the risks money mules pose to financial institutions and how banks can better defend against this activity.
Why Do People Become Mules?
Many people don’t realize that becoming a money mule is a criminal activity with serious consequences. Some believe they are simply helping somebody in need—perhaps a friend asking for assistance or a request that comes through social media. Younger generations are especially vulnerable to job scams and similar schemes online. In many cases, individuals don’t realize until it’s too late—if at all—that they have been recruited as money mules.
“A lot of times, especially with younger generations, they think what does it matter if I’m doing this?” said Pitt. “The companies that we’re hurting have a lot of money. Point of sale operators often think the same thing: Why does it matter if they’re defrauded or they lose money? What they don’t realize is that this has a bigger impact on everyone. Prices go up when fraud happens.”
In other situations, individuals knowingly participate in illicit activity because they believe the benefits outweigh the risks. This is common in scam scenarios where someone is asked to receive and forward funds. For example, a message on social media might say: “I have bad credit, I can’t open a bank account. I need help moving my money—can you help me out?”
“So someone who’s really nice says, Oh yeah, I totally understand the economy’s bad,” Pitt said. “I get that it’s difficult sometimes to get an account. I’ll help you out, no problem. And they think they’re genuinely helping someone. They don’t know that they’re actually being a mule. That’s where educating consumers really comes into play.”
Breaking Down the Silos
Many banks still operate with siloed systems where fraud teams, anti-money laundering teams, data analytics, and payments or wire transfer teams work independently. As a result, each group often evaluates activity in isolation, either focusing on a single moment in time or a limited set of transactions. This fragmented view prevents a full understanding of customer behavior.
Because of this, mule activity is frequently missed. Individual transactions may appear legitimate on their own, but a broader view often reveals patterns consistent with organized fraud rings.
“To be able to see money mules, you have to trace the money, because a mule is moving money from one place to another,” said Pitt. “These fraudsters right now understand that we have these silos. They’re skirting detection by moving money across different accounts, setting up sometimes hundreds of mule accounts across different organizations.”
“You have to be able to connect the dots and to track the money and figure out what’s actually happening holistically,” she said. “And then you have to be able to use network intelligence across organizations to see where the money is actually going.”
Continuous Monitoring
One of the most effective ways to detect mule activity is through continuous account monitoring and tracking changes in behavior over time. Key questions include whether account usage has changed, whether counterparties or beneficiaries differ from historical patterns, and whether transaction timing or velocity has shifted.
Behavioral intelligence is also increasingly important, particularly in scam-related mule activity. While some variation in behavior after account opening can be normal, it may also indicate emerging risk and warrant further review.
It’s also critical to assess access patterns at scale: whether multiple IP addresses are used to access the same account, whether multiple accounts across organizations are being accessed from the same source in rapid succession, and whether funds are entering an account and quickly being moved out.
“I still talk to a lot of organizations that look at something from an onboarding perspective, and then they’ll stop when the person logs in, and won’t look any further,” Pitt said. “Once somebody’s logging in, what are they doing? Is it the same person who’s using the account that logged in, and is that person the same person that we verified and vetted at the beginning? A customer can start as a good customer, and then something happens, and they might turn into a money mule. We can’t just stop once we vet that person.”
Getting the Word Out
Criminals may use synthetic identities to open fraudulent accounts intended for mule activity, but it’s generally easier to exploit existing accounts that have already passed onboarding and verification checks.
These accounts can be used directly as money mule accounts or controlled through recruited individuals. This activity is rarely limited to one or two accounts; instead, it often involves large-scale networks. When one mule account is closed, criminals quickly pivot to others, preparing alternate accounts in advance to avoid disruptions and detection.
Given the sophistication of these schemes, banks need to actively educate consumers about the risks of being used as money mules. Messaging should be clear and direct about real-world consequences. In some cases, scam victims have gone to jail after continuing mule activity even after being warned that it’s illegal.
“Both financial institutions and social media companies need to get the message out there that this is a very serious thing,” Pitt said. “Your account could be shut down and you can have very serious criminal consequences.”
The post How Banks Are Fighting the Scourge of Money Mules appeared first on PaymentsJournal.
