As mule account cybercrimes continue to rise across India, the Reserve Bank of India has collaborated with fintech research institutions, including the Institute for Development and Research in Banking Technology (IDRBT) in Hyderabad, to create robust solutions.
Mule account fraud, a form of social engineering attack, has prompted the development of advanced algorithms that alert banks to unusual transaction patterns and help identify fraudulent activities more swiftly.
Social engineering is a prevalent tactic in cybercrime, accounting for 98% of attacks. It involves criminals manipulating victims into disclosing confidential information by impersonating trusted individuals or institutions. This type of fraud often leads to the use of legitimate bank accounts as “mule accounts,” where funds are moved through compromised accounts for illicit purposes.
To combat this growing threat, fintech institutions are working on algorithms that detect irregularities in customer account activities. When an account is used as a mule, it exhibits distinctive behavioural changes. Once operational, these technologies will enable the RBI to instruct banks to implement preventive measures, curbing fraudulent transactions immediately, according to sources in the research community.
The RBI’s initiative is timely, as banks typically do not report financial crimes or cyber incidents directly to law enforcement. This delay often results in longer detection times, with fraud victims noticing discrepancies only after significant harm has been done.
Cyber experts explain that cybercrimes involving mule accounts can be highly intricate, often requiring coordination between law enforcement, the Unique Identification Authority of India, and various banking departments. Fraudsters often deceive victims into sharing sensitive information, including Aadhaar numbers, which are used to change account credentials without the victim’s knowledge.
To address these challenges, the RBI recently launched MuleHunter.AI, an AI-powered tool designed to identify mule accounts more effectively. A pilot test with two major public sector banks produced promising results. The tool uses 19 distinct behavioural patterns associated with mule accounts to spot suspicious activities in real time.
Although banks report anomalies to anti-money laundering units, they typically do not communicate directly with law enforcement. “However, we provide all relevant information if requested by authorities,” said a senior official from the State Bank of India. “Recently, we helped prevent customers from being digitally arrested by assisting them during critical moments when they were still engaged with fraudsters,” he added.
This collaborative effort between the RBI and fintech institutions highlights the urgency of combating mule account fraud and improving response times to protect customers from escalating cybercrimes.
