Bank Drop definition
The term “Bank Drop” defines the action of receiving and laundering money using an existing and legitimate bank account. In this case, money is obtained through cybercriminals and fraudulent online activities. Usually, the money is extracted from the victim’s account and sent to legitimate accounts, but the source’s origin and footprints are disguised. That way, it’s harder to trace the criminal activity.
See also: account takeover
Common Bank Drop applications
- Ransomware payments: Businesses or individual ransomware attack victims can be instructed to make payments to legitimate cybercriminal bank accounts, making it harder for law enforcement to track money flow.
- Mule networks: To obscure the money trail, criminals establish networks of mules. That way, money travels through multiple intermediaries before reaching the destination.
- Money mules: Cybercriminals recruit individuals, who open bank accounts where stolen funds are transferred, then the bank account owners cash out and forward the money to other accounts, making it harder to trace the footprint of the stolen funds.
- Business email compromise (BEC) schemes: In this case, cybercriminals compromise business email accounts and intercept legitimate invoices by changing payment details to direct funds to their or other fake bank accounts.
- ATM skimming: In most cases, criminals modify ATMs by placing skimming devices to obtain credit card information, then use it to make unauthorized money withdrawals and transfer funds to bank drop accounts.