Survey leads to money laundering in your name – How to protect yourself!

M.Sc. Chris Wojzechowski

Survey leads to money laundering in your name – How to protect yourself!

We are currently receiving a lot of news about a dubious survey conducted by HENRIKSON Research GmbH. In this survey, a bank account is opened under your name and money laundering is carried out on this account. We describe how you can identify fake surveys and how you should proceed if you have already become a victim.

Money laundering in the IT industry

Money laundering is a popular topic that is currently growing in the IT industry. If criminals manage to convince a victim that money is being transferred, only the first step is done. The bigger problem for the attackers is to approach this money.

For example, if the money comes from blackmail, after a successful Ransomware attack, the money cannot be transferred to an account registered under the real name of the attacker. The money can also come from fake payment requests. In such cases, the criminals write a fake payment request at a convenient time. The advantage of this method is that the attack is not immediately noticeable, because the fake payment request is often only noticeable in a later processing.

In both cases, the criminals need a bank account that is not registered in their own name so that the money can be transferred from this account abroad, for example.

Your data for money laundering

The survey can only be carried out after registration. In this registration you will be asked for some personal data, up to this point this survey does not differ from other serious surveys. The next point of the registration should make you suspicious, because you will be asked to upload pictures of your identity card.

The last step of the registration is also frivolous, because you will be asked to take a Selfie with the identity card next to your face and upload it. To ensure that as many people as possible disclose this data, the company HENRIKSON Research GmbH is luring you with a job offer. This job, which is allegedly offered, is characterised by good pay. It is not only the good payment that is supposed to attract people, but the job can also be carried out completely from home.

Bank account under your name

After the user has uploaded the above images, the criminals make contact in the form of a WhatsApp message. In this message you will be asked to test various identification methods at online banks. In addition to this request, the WhatsApp message will contain data that you should use to create a bank account. You will be told several times that you should proceed as if it were your own account to create.

You will be led to believe that you are creating a fake account to test the identification process. In the background, however, the criminals apply for another bank account in your name. Now you are not carrying out the identification procedures for the wrong account, but for the account that the criminals have created.

This gives the criminals a registered account under your name and you have not noticed that you have carried out the identification steps of this account yourself. Not only bank accounts can be created by such scams, another possibility is a Social-Media Profile. Such a profile can collect information, or viruses could be sent under your name.

ID documents popular with money launderers

You should avoid sharing sensitive data, such as images of ID documents, if possible. Even if you are sure that your counterpart is serious and does not plan any criminal activities with your documents, you should use watermarks. By using a watermark you can prove your identity and make the image unusable for further activities.

If you have become a victim of this fraud or a similar one, you must contact the police immediately. Because you can describe the case early, the authorities know if you will commit crimes under your name.

You should also have bank accounts blocked as soon as possible if they are registered under your name but you did not know they existed.

Photo of author

M.Sc. Chris Wojzechowski

My name is Chris Wojzechowski and I studied my Master in Internet Security in Gelsenkirchen a few years ago. I am one of two managing directors of AWARE7 GmbH and a trained IT Risk Manager, IT-Grundschutz practitioner (TÜV) and possess the test procedure competence for § 8a BSIG. Our bread and butter business is performing penetration testing. We are also committed to promoting a broad understanding of IT security in Europe, which is why we offer the majority of our products free of charge.