Open letter to would-be fraudster

Source: famliymwr

Dear Mr/Mrs Would-Be Fraudster:

I know you read this blog… I can see the search engine terms that you used to find “Fraud Happens”.

So, you want to commit fraud and don’t want your employer to catch you? I am glad that I can help! What have you learned from reading this blog?

Well, you’ve probably learned that committing fraud really isn’t that hard to do, and you may end up with millions of dollars. You may have also learned that working with a co-conspirator has its downside. If you work at a large company, you probably know that they respond to fraud losses differently than small companies. If you’re a government employee, you found out that fraud in the public sector can be just as damaging as fraud in the private sector. Finally, you may now know what could happen if you are caught. I guess that you are trying to determine if you would serve time, or merely receive a “slap on the wrist”. I hope you also learned that fraud destroys lives.

So what have you decided to do? Is the probability of getting caught so low that are willing to take the risk? Have you thought about how you’ll spend the money? Maybe you want to punish your employer? After all, you really don’t get paid enough…

Before you make the leap and begin stealing, do this for me… Close your eyes and begin to envision what your world would look like if you ended up getting caught. Will your significant other stay with you? How about the kids, will they understand why the new toys you just bought have to go back to the store? Will they want to visit your new “home” – the one with all the other “bad people” wearing the same clothes? What about your parents? How do explain your decision to embezzle money from your employer? After all they have tried to teach you, if only you had listened…

I understand why you are tempted to commit fraud. You and I both know that there is a chance that you’ll steal just enough to pay off overdue bills or buy that fancy car you’ve always wanted and not get caught.

Just remember this… there are people just like me all over the world that have dedicated their careers to fighting fraud. We’re not always perfect and we do make mistakes. However, for the most part, we’re really good at what we do. I hope you learned a great deal from reading my blog. If you’ve learned anything, I hope you’ve decided not to commit fraud. Contrary to what many would like to believe, fraud doesn’t have to happen. Ball’s in your court…

Paul McCormack

Need a writer that understands fraud? When you hire me to write an article, blog post, newsletter or white paper you get an accomplished writer that is also an expert in fraud.

paul@mccormackwrites.com

Advertisements

October is National Cyber Security Awareness Month, but you knew that already…

Source: Kurhan

Did you know that October is National Cyber Security Awareness Month (NCSAM)? Ok, you probably did not. It isn’t exactly the type of event that hits the front page of most newspapers and websites, but it should.

The FBI’s Robert Mueller recently stated that “cyber security may well become our highest priority in the years to come.” In my opinion, that time is fast approaching. If you follow the news regarding Cyber Security as I do, you may agree that we are already under a sustained attack that has the potential to cut the country’s economy off at the “knees”.

As we all know, it is not just corporations that are the victims. US consumers are targeted by organized crime groups from around the globe. In fact, this is not just a US problem, it is a global epidemic.

It is easy to dismiss NCSAM as a silly event that means nothing. And that is EXACTLY why you should pay attention. As long as consumers are victimized, there will be an incentive for fraudsters to invest the time and money to launch their attacks. So, with that in mind, please take the time to review the FBI’s recommendations below:

  • Set strong passwords, and don’t share them with anyone.
  • Keep a clean machine—your operating system, browser, and other critical software are optimized by installing regular updates.
  • Maintain an open dialogue with your family, friends, and community about Internet safety.
  • Limit the amount of personal information you post online, and use privacy settings to avoid sharing information widely.
  • Be cautious about what you receive or read online—if it sounds too good to be true, it probably is.

If you want more information on NCSAM, the FBI’s press release contains links to a number of helpful resources. I hate to state the obvious, but if you don’t take the time to improve your awareness of the cyber security threat facing the nation, no one will do it for you.

Need a writer that understands fraud? When you hire me to write an article, blog post, newsletter or white paper you get an accomplished writer that is also an expert in fraud.

paul@mccormackwrites.com

 

Sorry valued customer, an employee just stole your identity

Customer data theft

Source: Mel B

As a freelance writer, I often write for companies around the globe.Here is an article that I wrote for Memento – a leader in enterprise fraud management.

The post discusses the theft of nearly 3,000 customer identities by a bank manager with a very troubled past.

Click here to read the post.

Please feel free to leave comments here, or on Memento’s blog letting me know what you think.

If you would need an article, newsletter, blog post or whitepaper, please contact me at paul@mccormackwrites.com.

P.S. I ghostwrite too!

Update: XM Radio Employee Sentenced to 15 Months

Photographer: Stephen McCormack

Photographer: Stephen McCormack

I have an update on a case that I previously discussed involving XM Radio. Valencia Person, an Accounts Payable coordinator just received a 15 month sentence for her role in the embezzlement.

The news article detailing her sentencing notes that Person agreed to a monetary judgment of $908,924. That doesn’t make much sense to me as the article later notes that Brenda Jones, her co-conspirator received $690,000 and Person received $125,000. May be there will be more information available when Jones is sentenced on August 16…

Now, I wonder how much the investigation cost to complete… I would hazard a guess that the total loss easily exceeds $1,000,000. Investing in prevention doesn’t seem so expensive after all, does it?

Need a writer that understands fraud? When you hire me to write an article, blog post, newsletter or white paper you get an accomplished writer that is also an expert in fraud.

paul@mccormackwrites.com

Intel engineer helps himself to $400 million

Photographer: Stephen McCormack

Intel Corporation is a world-class organization that has dominated the market for computer chips for many years. In fact, there is a high probability that the device you are using to read this post has an Intel chip inside. However, based on a recent case involving Biswamohan Pani, an Intel Senior Staff Engineer, it may need a little help protecting its intellectual property.

According to the FBI, here are the facts of the case:

  • From February through April, 2008, Pani was looking for a job at other computer chip manufacturers and ultimately obtained a job at Advanced Micro Devices Inc.
  • Pani kept his job search secret from Intel. (Why wouldn’t he?)
  • When he announced his departure on May 29, 2008, he told the company that he might work for a hedge fund
  • Pani told Intel that he wanted to take the next one-and-a-half weeks as vacation until his last day at work on June 11, 2008
  • Unbeknownst to Intel, Pani had started downloading from Intel numerous secret documents about Intel’s manufacturing and design of computer chips. The intensive downloads began on May 28, just before he announced his departure, and continued on May 29
  • Pani started working at AMD on June 2, while he was still on Intel’s payroll and still had access to Intel’s computer systems
  • On June 8 and June 10, Pani remotely accessed Intel’s computer system numerous times and downloaded 13 of Intel’s most valuable documents
  • Along with other confidential and proprietary information, Pani downloaded a document explaining how encrypted documents could be reviewed when not connected to Intel’s computer system
  • Pani backed up the downloaded files to an external hard drive for access after he left Intel
  • On June 11, 2008, Pani reported to Intel for his exit interview and falsely stated that he had not retained any of Intel’s property, when, in fact, he had kept the electronic equivalent of boxes full of downloaded documents and some printed Intel documents at his apartment
  • Documents taken by Pani were found a month later when the FBI searched his home. Intel has valued those documents as worth $200-$400 million, at minimum
  • The FBI was able to recover these documents quickly, before Pani could use them to Intel’s disadvantage, largely because Intel reported the theft quickly and assisted the investigation. AMD also cooperated with the investigation, and there was no evidence that AMD or its employees had asked Pani to take these documents or even knew that he had them

Based on the fact pattern above, it appears Pani knew exactly what he was doing. He grabbed documents before, during and after Intel knew that he was leaving. He also bought time by convincing Intel that he was leaving the industry. I can’t imagine that lying about his ultimate destination stopped Intel from blocking his system access. They probably just forgot to do it. After all, Pani was still on the payroll and “burning” his vacation allotment. Why block an active employee?

Who knows what actually took place, the net result was that Pani had one-and-a-half weeks of access to Intel’s systems during which time he did the most damage. So how did Intel figure out Pani had stolen trade secrets? Clearly, after the fact, but not much else has been mentioned in the media.

This case is eerily similar to another case that the FBI investigated involving Sanofi-Aventis. Is it really that easy to steal trade secrets from Fortune 500 companies? Apparently so…

Need a writer that understands fraud? When you hire me to write an article, blog post, newsletter or white paper you get an accomplished writer that is also an expert in fraud.

paul@mccormackwrites.com

Employee fraud – the problem may be bigger than you think…

Before you can tackle employee fraud within your organization, you need to know how big a problem you have. An article that I wrote for Memento – a leader in enterprise fraud management – discusses a common mistake that banks make when tackling employee fraud. The principles that I share in the post are applicable to more than just banks.

Click here to read the post.

Please feel free to leave comments here, or on Memento’s blog letting me know what you think.

Need a writer that understands fraud? When you hire me to write an article, blog post, newsletter or white paper you get an accomplished writer that is also an expert in fraud.

paul@mccormackwrites.com

Bookkeeper plays “hide and seek” with company’s bank records

Source: Hyku

Bonnie Denning didn’t want the owners of Easy Picker Golf Products to see the company’s bank records, and now we know why! Over the course of less than 12 months, Denning alledegly embezzled $818,339.37 from the Lehigh Acres company using wire transfers, a debit card linked to the company’s accounts, and one check (I suspect that there will be more fraudulent checks uncovered in due time).

Here is a break down of the loss:

  • 60 Debit card transactions – $411,387.00 

Alledegly used to used to buy clothes, gas, electronic goods and home furniture.

  • 54 wire transactions – $358,885.50

Alledegly included $4,799.58 to purchase granite for Denning’s home and $29,160.00 associated with a drug rehabilitation program for a relative

  • 1 check – $5,295.76 for shutters for Denning’s home

Total loss – an eye popping $818,339!

Here are some lessons learned:

  1. Denning refused to turnover the company’s bank records to the owners. In fact, the owners had to request the statements directly from the bank! That is a GINORMOUS red flag. Never, I repeat never give your bookkeeper sole custody of your company’s bank records.
  2. The bank issued a debit card to Denning apparently without the knowledge of the owners. I’ll leave it up to the owners and the bank to decide who is at fault here; however, as I have said before, relying exclusively on your bank to prevent embezzlement is a losing proposition.
  3. Engaging a bookkeeper should never result in the the owners abandoning oversight of the financials. To the contrary, owners must stay engaged and ensure that the bookkeeper compiles the results in an accurate and efficient manner. Put simply, not paying attention can cost you dearly.

I sincerely hope that the Easy Picker Golf Product Company can survive this catastrophic loss. I can only imagine how the owners must feel.

As this case develops, I’ll keep you posted.

Need a writer that understands fraud? When you hire me to write an article, blog post, newsletter or white paper you get an accomplished writer that is also an expert in fraud.

paul@mccormackwrites.com

Punishing the white collar criminal

“The judge opened his file and retrieved the case’s sentencing memos, plea agreement and lengthy pre-sentence report, which he had read over the past few days and which spelled out the case’s particulars: Borgono had pleaded guilty to conspiring to defraud the federal government by falsifying records that allowed her boss, the president of a Miami-based export company, to steal more than $10 million from the Export-Import Bank of the United States”

–  Judge who had ‘no passion for punishment’ retires after 31 years, The Washington Post, June 1, 2012

The Washington Post Article referenced above provides a ‘behind the scenes’ look at the challenges facing the judiciary when sentencing white collar criminals. Should society punish white collar criminals to the maximum extent allowable under the law, or does it make more sense to show compassion? Does tough sentencing for white collar criminals discourage “would be” fraudsters? How important is it to rehabilitate the offender?

Consider the vast difference between the punishment that the federal prosecutors argued for and the request made by Borgano’s defense attorney:

“Because so much money had been stolen, federal prosecutors argued in court papers that Urbina should sentence the former office manager to 18 months in federal prison. Her attorney countered that Borgono deserved just a year of home detention and two years of probation because the Peruvian immigrant, who became a U.S. citizen in 2007, had not reaped a dime in the scheme’s proceeds beyond her $500 weekly salary. She had cooperated extensively with authorities and had helped them build their case against her boss, a man sentenced by Urbina to nearly four years in prison. She also had the support of her community, the attorney said. The judge’s folder was filled with heartfelt letters from relatives, friends and even her priest.”

More on who won that fight in a minute…

In addition to the investigations that I personally conduct, each week I review over fifty cases involving fraud and intellectual property theft to determine which examples to include in our Global Knowledge Center. The differences in the sentences handed out to white collar criminals are truly startlingly, and in some cases alarming. Even within the same jurisdiction, the sentences handed down vary significantly. And let’s not forget that the Internal Revenue Service may also take an interest in the case. Or not… I have yet to understand the criteria that the IRS applies when determining which cases involving fraud and unreported income are worthwhile pursuing. That’s a discussion for another day…

I understand better than most that each case is unique and numerous factors must be taken in to account before a sentence can be handed down. But let’s consider the variation in sentencing from the “would be” fraudsters perspective. Does the threat of prison time factor in to their decision making process? Should it? What are the odds that they will be caught in the first place? Why consider the worst case scenario when committing fraud is so incredibly easy to do?

The case highlighted in the Washington Post article is somewhat different as Norma Borgano did not personally benefit from the fraud – her boss Guillermo O. Mondino did and he received 46 months in prison for his troubles.

So let’s compare Mondino’s sentence to the 66 months that Patricia K. Smith,the perpetrator of a $10.2 million dollar fraud received. That’s a difference of 20 months, or nearly two years. I fully understand that each case is different, but is Smith’s crime anymore heinous than Mondino’s? In fact, Mondino’s fraud involved a far higher potential loss of $24 million. Did Mondino’s attorneys do a better job defending their client? Who knows, but the difference is significant – especially if you are the unlucky individual serving the “extra” 20 months!

As for Norma’s fate, she received a year of home detention, four years of probation and $5,000 in restitution payments. Is that an appropriate sentence? Let’s be honest, who are we to judge?

Need a writer that understands fraud? When you hire me to write an article, blog post, newsletter or white paper you get an accomplished writer that is also an expert in fraud.

paul@mccormackwrites.com

Impersonation Schemes: A Big Headache for Companies

This is “Fraud Happens” first guest post. ildar khakimov is a Montreal based internet enthusiast who co-founded several projects including callcenter.com

Companies suffer staggering losses when it comes to impersonation scams.

A good example can be seen in a documentary called “Yes, men fix the world”, in which two men setup fake press conferences on behalf of companies to spread false news.

It’s believed that Dow Chemicals suffered a 2 billion dollar loss as a result of the duo’s fake news announcement which alleged the company’s planned to pay out compensation for the Bhopal Disaster.

So what about the more common forms of impersonation, such as the use of fake caller IDs?

Caller ID spoofing can be even more dangerous because it’s not a single person hitting a single target, but rather a large telecom fraud machine that’s able to place thousands of calls or send millions of SMS messages pretending to be someone they’re not.

Most recent example is fake SMS giftcard scam. In 2012, many individuals started receiving messages that claim they won a free giftcard from Best Buy. The SMS was asking people to visit a specific web-site to claim a prize that didn’t exist.

People that got duped went straight to Best Buy and demanded their “winnings”. This forced Best Buy to spend company resources in order to explain consumers that they got scammed.

In addition, it’s hard to put a monetary value on Best Buy’s tarnished reputation. For example many consumers, who leave complaints on sites like callercenter.com, believe that Best Buy gave out their personal information to telemarketers and that perhaps their personal information was compromised due to company’s inefficient security measures. Even if such allegations are later proven false, the damage to the company’s image has already been done.

One such complaint goes: “[…]Walmart employees are in on it, or  Walmart’s IT security is **** and they were hacked? I paid for my purchase with a credit card, so I certainly hope that wasn’t leaked along with my phone #. One thing’s for sure: I will never step foot in a Walmart again!

Another popular fraud conducted via SMS while showing a fake caller ID is known as Smishing. It consists of a banking notification from crooks who pretend to be the victim’s bank. The SMS threatens the victim to shut down their account unless they login to a specific web-site.

Login information entered is stolen and then used by fraudsters to siphon funds to off shore accounts.

Banks often reimburse stolen funds and thus suffer financial losses from caller ID spoofing. These types of scams are on the rise. A survey of 95 financial institution by ABA show a 260% increase of such scams in 2011 compared to 2009.

In addition to that, banks have to spend millions on security to help fight smishing fraud, in an interview with USA Today, Carol Kaplan of American Bankers Association admitted: “[…]there continues to be huge gobs of investment into shoring up security.”

It’s hard to estimate how much money companies lose because of Caller ID spoofing, but it’s a very significant amount and the situation won’t change until this practice is more strongly regulated by the government.

Now the fraudsters have started spoofing caller IDs making it look like they’re calling from the U.S government to offer a free grant. Who knows, maybe now the government will take notice?

If you are interested in writing a guest post, please email me – pmccormack@connectics.biz. I look forward to hearing from you.

Payroll and inventory fraud – are you next?

Apparently, there is quite a bit of money to be made from gourmet mushrooms (no, not that kind). So much so that Gino Silva and Steven Perei, both employees with D’Artagnan, a mushroom distributor set up their own company in direction competition with the employer.

Starting in December 2007, Silva and Perei made sales on behalf of their own company, Mediterra, then stole D’Artagnan’s inventory to complete the sale. To conceal the theft, Silva enlisted the help of D’Artagnan’s inventory control specialist to manipulate purchase order records and alter inventory records. This scheme was simple, yet quite brilliant – by using their employer’s inventory for their new company, top line sales essentially equaled bottom line profit. Why pay for inventory when someone else can foot the bill? The mushroom scheme lasted just over 12 months.

The mushroom scheme was not Gino Silva’s “first rodeo”. From 2005 to 2008, Silva was vice president of operations for Philips Accessories and Computer Peripherals. While working there he conspired with others to add “ghost” employees to the company’s payroll that ended up being paid approximately $1.2 million for nonexistent services (Ghost employees may be real people or fictitious but they do not work for the company).

Silva pleaded guilty to the payroll scheme in December 2008. In June 2009, he received a 27 month sentence and a restitution order for $843,414. In April 2011, Silva pleaded guilty to the mushroom scheme, and in March 2012 received a 28 month sentence, a year of supervised release and $71,179 in restitution for the mushroom scheme.

Silva committed two very different frauds and was eventually caught and sentenced twice. Is he a criminal mastermind? Certainly not, but he still managed to defraud two companies with relative ease. Will he commit a third fraud once he is released from prison? Who knows? But, the temptation may be too great… and this time, he probably knows how not to get caught!

I can tell you that there a literally thousands of companies that he could join and commit exactly the same frauds without being caught for at least a year. Is your company next?

Read more here

Need a writer that understands fraud? When you hire me to write an article, blog post, newsletter or white paper you get an accomplished writer that is also an expert in fraud.

paul@mccormackwrites.com