By rssfeeds-admin 
The activity affects the wider fintech category, including services such as Revolut, Wise, and N26, which offer fast remote onboarding, digital payments, and cross-border transfers.
These platforms are popular with freelancers and micro-businesses because they are easy to set up and offer business-grade tools such as SEPA transfers, invoicing, and payment processing. But the same features also make them attractive to fraud networks.
Once verified, an individual entrepreneur account can act like a lightweight business account while still being opened with personal identity checks.
That mix creates high value for criminals. Instead of using basic consumer bank accounts, fraud groups now prefer verified freelancer accounts because they look legitimate and can move money quickly.
According to Group-IB, confirmed mule accounts at European fintech platforms are being sold on dark web markets for between 300300 and 700700 US dollars each, often with escrow support, replacement promises, and regular stock updates.
How the Scheme Works
A mule account is a bank account used to receive and forward stolen funds, helping criminals hide the money trail. Group-IB says the French scheme runs in multiple stages and uses both phishing and social engineering.
In the first stage, fraudsters steal victims’ personal information through fake websites. One example used a mortgage advice theme to collect names, contact details, and identity data.
The victim often believes they are dealing with a real service and does not know their details will later be used to open a fintech account.
The financial impact is already serious. The EBA and ECB reported that credit transfer fraud losses across the EEA reached € 2.5 billion in 2024, a 24% increase from the previous year.
End users bore 85%85% of those losses directly. Mule accounts are a major reason recovery is so difficult, because stolen funds can be sent onward within minutes through instant payment rails.
Group-IB says the operation targeting France is not random fraud but a structured criminal business. One actor highlighted in the research, @astarta_seller1, is linked to the wider ASGARD Network, which advertises verified European accounts across several cybercrime forums.
The group appears to focus heavily on French entrepreneur accounts, which command some of the highest prices in its portfolio.
One of the strongest findings in the report is scale: nearly 1 in 7 business account sign-ups in France was identified as fraudulent in the company’s confirmed customer data and national extrapolation. That figure suggests many more mule accounts may still be active and undetected.
Follow us on Google News , LinkedIn and X to Get More Instant Updates. Set Cyberpress as a Preferred Source in Google.
The post Stolen Money Routed Through French Fintech Accounts In New Cybercriminal Scheme appeared first on Cyber Security News.
Discover more from RSS Feeds Cloud
Subscribe to get the latest posts sent to your email.