Definition
Bank Drop is a term that is used to describe a legitimate bank account set up to launder money obtained through cybercriminals and fraudulent activities.
In most cases, the money is removed from the victim’s account and channeled to legitimate accounts. However, the source’s origin and footprints are masked, making it hard to trace the criminal activity.
Common Applications of Bank Drop
- Ransomware payments: Ransomware attack victims can be forced to pay into legitimate cybercriminal bank accounts, complicating efforts to trace the flow of funds.
- Mule networks: Criminals usually create networks of mules to disguise the money trail. As a result, the funds travel through multiple intermediaries before reaching the destination.
- Money mules: Cybercriminals enlist individuals to open bank accounts, which are used to receive stolen funds and transfer them to other accounts, making it harder to trace the funds.
- ATM skimming: Usually, criminals place skimming devices at ATMs to steal credit card information, which they then use to transfer funds to bank drop accounts or withdraw the money.
- Business email compromise (BEC) schemes: Cybercriminals intercept business email accounts to modify invoices by changing payment details to direct funds to their or other fake bank accounts.
How Banks Can Protect Customers Against Bank Drop Fraud
- Know your customer (KYC): Financial institutions should authenticate their customers’ identities and legitimacy. This includes verifying government-issued documents and conducting background and credit checks.
- Two-factor authentication (2FA): This involves implementing an additional layer of security, such as biometric identification and a one-time password, to verify user’s identity.
- Device intelligence: Banks can also implement advanced device identification to verify users accurately and detect real-time online threats.