In the battle against digital fraud, financial institutions face a relentless onslaught of evolving tactics from cyber criminals. Among these threats, mule accounts have emerged as a particularly insidious and under-the-radar trend, as highlighted by recent findings from BioCatch.

According to BioCatch’s latest report on digital banking fraud trends for 2024, India is experiencing a concerning surge in mule accounts, mirroring a global uptick in this form of illicit activity. The data paints a stark picture: at one partner bank in India, a staggering nine out of every ten mule accounts went completely undetected.

The key findings from the report shed further light on the scale and complexity of the mule account problem in India:

Account Takeover Attacks Still Dominate: Account takeover remains the dominant form of fraud in India, comprising 55% of all reported fraudulent activities. Third-party account takeover fraud continues to represent a significant portion of the fraud landscape, outpacing social engineering scams observed elsewhere.

Mules: A Massively Underreported Plague: The prevalence of mule accounts is alarming, with every device involved in mule activity in India accessing an average of 35 accounts each. This underscores the scale of the challenge faced by financial institutions in detecting and combatting this form of fraud effectively.

Fraudsters Likely Accessing Indian Mule Accounts from Outside the Country: While initial mule account activity originates primarily from within India, there is a significant shift over time, with a sharp decline in domestic access. After a month, only 20% of mule account sessions originate from within India, with 16% of those sessions utilizing a Virtual Private Network (VPN) to obfuscate their location.

Regional Insights: BioCatch’s data reveals regional variations in mule account activity across India. Bhubaneswar emerges as a hotspot, accounting for 14% of recorded mule activity among BioCatch customers. Other cities with notable mule activity include Lucknow and Navi Mumbai, as well as several cities in West Bengal and metropolitan areas like Mumbai and Bengaluru.

The implications of these findings are clear: mule accounts pose a significant and growing threat to the integrity of India’s financial system. Addressing this challenge requires a concerted effort from financial institutions, regulators, and law enforcement agencies to implement robust security measures and collaborate on strategies to detect and disrupt mule networks effectively.