The first report on combating money laundering and the financing of terrorism analyses the modern methods used by criminal networks, with particular emphasis on technology‑enabled fraud schemes and the recruitment and use of money mules.
As announced by the Cyprus Banking Association, the report, titled New Trends in Technology‑Enabled Fraud and the Use of Money Mules, sets out current criminal practices and identifies critical areas requiring heightened scrutiny of customer behaviour and transactions.
New types of fraud
According to the report, technological progress and emerging technologies such as artificial intelligence and AI‑generated deepfakes have created fertile ground for the emergence of new technology‑based fraud schemes, while existing schemes have grown in complexity and scale.
At the same time, digital innovation in the financial sector, enabling faster movement of funds, instant cross‑border payments, peer‑to‑peer transfers and the increasing use of virtual assets, has facilitated the rapid transfer and concealment of illicit proceeds.
“This increasingly digital and interconnected financial ecosystem has also created new challenges for entities subject to anti‑money laundering requirements and for competent authorities, particularly in terms of the timely and effective detection and disruption of illicit financial flows,” the report adds.
It notes that digital technological innovation has accelerated both the use and specialisation of technology‑enabled fraud, particularly in social engineering schemes, impersonation and AI‑driven fraud, as well as investment fraud, all of which have increased significantly in recent years.
The multifaceted nature of fraud
The findings underline the multifaceted nature of technology‑enabled fraud and the critical role played by money mules in facilitating the movement of illicit funds.
Effective detection and disruption of such schemes rely on proactive anti‑money laundering monitoring that takes into account both transactional and behavioural indicators.
Careful scrutiny of transactions, including their purpose, the relationship between sender and recipient, and the broader context, enables financial institutions to identify potential money‑mule activity at an early stage.
Financial Intelligence Units also play a key role by analysing suspicious activity and transaction reports and disseminating the results of their analyses to law enforcement authorities for possible investigation and prosecution.
The report notes that the effectiveness of these measures depends on strong cooperation among all stakeholders. The chain, from detection by obliged entities to analysis and dissemination by Financial Intelligence Units, and subsequent investigation by law enforcement, demonstrates how coordinated efforts can successfully disrupt criminal networks and prevent further victimisation.
Strengthening these cooperation mechanisms remains essential in addressing the evolving landscape of technology‑enabled financial crime.
From an anti‑money laundering perspective, such fraud schemes generate large volumes of illicit proceeds that are moved rapidly through cross‑border transfers, often using money‑mule accounts, cryptocurrencies and other innovative financial infrastructures.
Techniques used in technology‑enabled fraud
• Phishing: Fraudulent emails designed to impersonate trusted entities such as banks, online services or public authorities, in order to deceive recipients into disclosing sensitive information, including credentials, personal data and financial details.
• Business Email Compromise: Criminals compromise legitimate business email accounts to authorise financial transactions or redirect payments to other accounts.
• Smishing: Deceptive messages delivered via SMS or messaging applications, often containing malicious links or instructions.
• Vishing and telephone impersonation fraud: Voice‑based phishing carried out through phone calls, with criminals impersonating representatives of legitimate organisations to manipulate victims.
• Use of social media platforms: Employed to defraud victims under various pretexts, ranging from fraudulent online shopping advertisements and property bookings to investment opportunity scams.
• Fake credential‑harvesting websites: Websites that imitate legitimate platforms in order to steal login credentials or financial data.
• AI‑generated deepfake impersonation: Use of AI‑generated audio or video to impersonate trusted individuals.
• Online shopping and holiday accommodation scams: Deceptive advertisements on websites and social media lure victims into fraudulent purchases or property bookings.
Such advertisements promote fake products, which are never delivered or are replaced with cheap imitations, or false property listings for assets that fraudsters do not own.
Older people particularly vulnerable
The report acknowledges that older individuals appear to be more vulnerable to fraud. Gender does not appear to be a decisive factor, although male victims are slightly more frequent.
Educational background and financial capacity also appear not to play a significant role. In most cases examined, the victims were Cypriot nationals.
Communication channels
Fraud schemes are carried out primarily through specific communication channels that serve as the main means of targeting victims.
Social media platforms are the most frequently used channel, often through targeted advertisements or unsolicited direct messages that facilitate initial contact and the building of trust.
Email, SMS and messaging applications are also widely used, particularly for smishing attacks, while phone calls are less frequent but remain relevant, especially in more targeted fraud attempts.
A correlation has been identified between specific channels and certain age groups, with younger victims more often targeted through social media, while older individuals are more frequently deceived via email and phone calls.
Common pretexts
According to the report, fraudsters manipulate victims by exploiting psychological triggers through various pretexts, often invoking urgency or fear to force immediate action.
Examples include:
• Text messages claiming to originate from public authorities, redirecting recipients to fraudulent websites designed to steal banking credentials or one‑time passwords, including messages purporting to come from the police for fine payments, from the national health system requesting profile updates or password changes, or from the tax authorities regarding tax payments or refunds.
• Emails, SMS or phone calls containing fake links or QR codes related to alleged tax refunds, social insurance declarations or other benefits.
• Text messages with links purporting to come from courier services or the Cyprus Post, redirecting users to fake websites.
• Emails or SMS impersonating banks.
• Messages claiming to originate from universities and requesting payment of tuition fees.
The report notes that fraudsters redirect payments to their own accounts and lure individuals with promises of financial opportunities, such as high‑yield investments or cryptocurrency schemes, using phone calls or misleading social media advertisements.
Criminals also exploit online marketplaces by advertising goods and services at attractive prices. Victims are encouraged to make advance payments for items that are never delivered or are counterfeit, often using “limited‑time offers” to create urgency.
A similar approach is observed in holiday rental scams, where fake accommodation listings are advertised online and through social media, prompting victims to pay deposits for non‑existent or misrepresented properties.
'Romance scams' also form part of criminal schemes, involving fraudulent payment requests under false pretences, including claims to cover airfare for a loved one to travel to Cyprus or alleged shipping or relocation costs for a partner.
Strengthening national prevention capacity
According to the Cyprus Banking Association, the initiative aims to strengthen national capacity to prevent and disrupt financial crime. The timely exchange of critical information among relevant stakeholders is key to safeguarding the economy.
The association stresses that “the publication of the first report confirms the value and strength of cooperation between the public and private sectors. We actively support any initiative that enhances transparency and security, providing our members and the broader business community with the necessary tools to effectively address financial crime.”
