The 1 Million Dollars Frontier Town Robbery

Leavenworth is a small town in the west-coast state of Washington. Starting as a couple of roads parallel to the new railroad tracks set in the late 19th century by the Great Northern Railway company, it was fashioned after a Bavarian village and became a typical western frontier town.

With a current population of 1,965, Leavenworth features two regional attractions. The first is the Leavenworth Nutcracker Museum, which displays over 5,000 nutcrackers dating from prehistoric to modern times. The second is the Chelan County’s 1st District Public Hospital.

Which was virtually robbed, practically cleaned off, on April 19th.

Not many would have heard about the heist, in which a bit over $1 million was sent out, in modest chunks, from the hospital’s payroll account into 96 different US bank accounts, if it hadn’t been featured in Krebs on Security. Whenever you want to immerse yourself in detail-rich reports about cyber heists, look no further than the Brian Krebs blog. A rare breed of cybercrime-focused journalist/investigator, Brian’s stories often shed light on some of the darkest corners of digital crimes. He explores each digital crime scene, talks to people involved, and provides CSI-like reports on cyber robberies as well as botnets, new pieces of malware and organized cybercrime groups.

His recent post about the digital clean out of the Chelan County public hospital is a perfect example of a small business (in this case, a public business) that gets zapped by cybercriminals who never set foot in the actual establishment.

The report focuses on the cash-out side of the operation. As you know, moving the money out of victims' bank accounts (after you gain access to the online account using a Trojan horse on the victim's PC) requires collaborators known as 'money mules'. The fraudsters need a clean way to send the money from the victim's account without any traces leading to them, and then move the money out of the country - and that's the role of mules. Money launderers, often without their knowledge. Krebs interviewed a couple of the mules. They were given an elaborate story about an Australian company that needs local representatives. These lucky sods get 8% commission from funds they receive into their bank account once they send the money internationally to ‘European software developers’ who work with the company. The mules fell for it.

The journalist actually tried to alert the hospital staff that their payroll account was being emptied, but no one returned his calls. I just wonder what sort of mess the financial director is in right now… It should be noted that in the case of small businesses, the bank does not need to make you whole if you lose money to cyber thugs. Many banks do it anyway to avoid a massive stampede of concerned businesses into expensive channels like phone or branch, or attrition of customers to more lenient banks who do compensate those who have been defrauded.

A couple of points about the method of operation looked suspiciously familiar. People simply don’t learn. Look at my 2009 blog named Agents of Evil about 1,925 Americans answering a work-from-home recruitment ad for a company that never existed. One of the requirements of the post was writing reports.

And, the European-accented lady who interviews the candidate. This one immediately reminded me of a blog I wrote after talking to Mary Long from Texas, who was recruited as a mule. “I was told the last step before training is an interview with a psychologist from Copenhagen; I was to wait for her to call… At first the call didn’t connect, and then it did but the sound quality was horrible and I was stressed – after all, it’s a job interview. She had a thick, heavy accent, but I thought it’s only natural, after all the company is from Denmark. She asked lots of questions about previous experience and employment. When the interview ended I felt I had no chance to get the job”.

Mary did get the “job”. Siobhan Gorman from The Wall Street Journal wrote her story so other people can learn.

But they don’t. As Jesus Contreras, the 31-year-old mule recruit from California, says in Krebs’s blog: “I’m asking myself how I fell for this because the money seemed too good to be true. But we’ve got bills piling up, and my dad has hospital bills. I didn’t have much money in my account, so I figured what did I have to lose? I had no idea I would be a part of something like this.”

Yep. Kind of summarizes the mule issue, which over the last 5 years has become a mainstream business. God knows how many mules are 'employed' this very minute because when it seemed too good to be true, they decided it must be.

Uri Rivner

CEO and Co-Founder

Refine Intelligence

This post is from a series of posts in the group:

Innovation in Financial Services

A discussion of trends in innovation management within financial institutions, and the key processes, technology and cultural shifts driving innovation.

