Impersonation Schemes: A Big Headache for Companies

This is “Fraud Happens” first guest post. ildar khakimov is a Montreal based internet enthusiast who co-founded several projects including callcenter.com

Companies suffer staggering losses when it comes to impersonation scams.

A good example can be seen in a documentary called “Yes, men fix the world”, in which two men setup fake press conferences on behalf of companies to spread false news.

It’s believed that Dow Chemicals suffered a 2 billion dollar loss as a result of the duo’s fake news announcement which alleged the company’s planned to pay out compensation for the Bhopal Disaster.

So what about the more common forms of impersonation, such as the use of fake caller IDs?

Caller ID spoofing can be even more dangerous because it’s not a single person hitting a single target, but rather a large telecom fraud machine that’s able to place thousands of calls or send millions of SMS messages pretending to be someone they’re not.

Most recent example is fake SMS giftcard scam. In 2012, many individuals started receiving messages that claim they won a free giftcard from Best Buy. The SMS was asking people to visit a specific web-site to claim a prize that didn’t exist.

People that got duped went straight to Best Buy and demanded their “winnings”. This forced Best Buy to spend company resources in order to explain consumers that they got scammed.

In addition, it’s hard to put a monetary value on Best Buy’s tarnished reputation. For example many consumers, who leave complaints on sites like callercenter.com, believe that Best Buy gave out their personal information to telemarketers and that perhaps their personal information was compromised due to company’s inefficient security measures. Even if such allegations are later proven false, the damage to the company’s image has already been done.

One such complaint goes: “[…]Walmart employees are in on it, or  Walmart’s IT security is **** and they were hacked? I paid for my purchase with a credit card, so I certainly hope that wasn’t leaked along with my phone #. One thing’s for sure: I will never step foot in a Walmart again!

Another popular fraud conducted via SMS while showing a fake caller ID is known as Smishing. It consists of a banking notification from crooks who pretend to be the victim’s bank. The SMS threatens the victim to shut down their account unless they login to a specific web-site.

Login information entered is stolen and then used by fraudsters to siphon funds to off shore accounts.

Banks often reimburse stolen funds and thus suffer financial losses from caller ID spoofing. These types of scams are on the rise. A survey of 95 financial institution by ABA show a 260% increase of such scams in 2011 compared to 2009.

In addition to that, banks have to spend millions on security to help fight smishing fraud, in an interview with USA Today, Carol Kaplan of American Bankers Association admitted: “[…]there continues to be huge gobs of investment into shoring up security.”

It’s hard to estimate how much money companies lose because of Caller ID spoofing, but it’s a very significant amount and the situation won’t change until this practice is more strongly regulated by the government.

Now the fraudsters have started spoofing caller IDs making it look like they’re calling from the U.S government to offer a free grant. Who knows, maybe now the government will take notice?

If you are interested in writing a guest post, please email me – pmccormack@connectics.biz. I look forward to hearing from you.

Advertisements

Oh what a tangled web we weave… what happens when you can’t trust anyone?

Of all the government agencies to steal from, the National Security Agency would probably be the last one on my list. If just half of what the media says they can do is true, surely, they have the capability to uncover a fraud perpetrated by a vendor.

Yet, Bechdon which made metal and plastic parts for the NSA, successfully defraud the agency over a ten year period. The father son team of William and Donald Turley overbilled the agency for hours that their company never worked. As an aside, I am curious as to why the NSA would pay for parts produced by the hour and not on a fixed price basis, but I suppose we’ll never know the reasoning behind that decision.

The father son duo both confessed to the fraud during clearance interviews as part of the process for bidding on sensitive NSA contracts. Surprisingly, they confessions came over a year apart. William Turley confessed in March 2006, and Donald the following year in April (Why it took the NSA more than a year to complete the second interview is anyone’s guess).

Now for the twist that all good stories involving the NSA should have… Enter Christina Turley Knott, William Turley’s daughter and Donald Turley’s sister…

Christina is by far the more accomplished fraudster. She managed to embezzle $4.5 million from Bechdon without the knowledge of her father or brother! Presumably, while the father and son were busy bilking the NSA, they didn’t pay attention to the fraud happening beneath their noses. Christina will be sentenced shortly for her fraud, but initially the family declined to turn her in as they feared she would disclose the NSA overbilling scheme.

The moral of the story? Don’t expect your employees to act in an ethical manner if they see your company’s leadership defrauding others. The “tone at the top” is often thrown around as important to preventing fraud. In this case we can see what happens when owners or senior executives abandon their ethics at the front door. There is no honor among thieves, especially when there are millions up for grabs. Just ask the Turleys…

Read more here

Need a writer that understands fraud? When you hire me to write an article, blog post, newsletter or white paper you get an accomplished writer that is also an expert in fraud.

paul@mccormackwrites.com

What can Atlanta Public Schools’ cheating scandal teach corporations?

Photo: CCarlstead

Quotes from the special investigation into CRCT cheating at Atlanta Public Schools:

“We found cheating on the 2009 Criterion-Referenced Competency Test (CRCT) in 44 of the 56 schools (78.6%) we examined, and uncovered organized and systematic misconduct within the district as far back as 2001.”

“We found that 178 teachers and principals were involved in cheating in 44 schools.”

“A culture of fear and a conspiracy of silence infected this school system, and kept many teachers from speaking freely about misconduct. From the onset of this investigation, we were confronted by a pattern of interference by top APS (Atlanta Public School System) leadership in our attempt to gather evidence. These actions delayed the completion of this inquiry and hindered the truth seeking process.”

All we want are the facts, ma’am.

I want to be very clear upfront: this post is not meant to assign guilt or innocence to any of the schools, principals, or teachers that were allegedly involved in cheating on the CRCT. I strongly believe that as soon as an investigator inserts his or her personal opinion regarding whether an individual “cheated” or “committed fraud,” his or her independence can be called into question. With that said, the authors of the Atlanta Public School cheating scandal have been quite definitive regarding who cheated and who didn’t. Clearly, that is their prerogative.

The report sets out three primary reasons why the authors believe that cheating took place:

  1. Targets set by the district were often unrealistic. The administration put unreasonable pressure on teachers and principals to achieve targets.
  2. A culture of fear, intimidation, and retaliation spread throughout the administration.
  3. Dr. Hall, the school system’s former superintendent, emphasized test results and public praise to the exclusion of integrity and ethics.

What can companies learn from the APS investigation? There are many, many lessons that can be learned, but below are my initial thoughts:

  1. Be very careful what you ask for; you might just get it – If a company demands performance but does so through fear and intimidation, there may be short-term gain, which will lead to long-term pain. The tactics employed may come back to haunt them.
  2. Nothing remains hidden forever – Eventually, employees will break and report their concerns to whoever will listen. It is almost impossible to keep a secret of this magnitude in any environment, never mind a corporation where employees have access to email, the Internet, instant messaging, etc. People love to talk, and when they do, what they say often ends up on the front page of newspapers nationwide.
  3. Tone at the top really matters – It starts with the CEO and rolls all the way down through executive ranks to the front-line supervisors. Employees need to know that the company’s senior leadership abides by the company’s code of conduct and expects employees to do the same. Don’t expect an organization to perform in an ethical manner if the leadership appears to be morally bankrupt.
  4. Even the best employees can go “bad” – As I have said before, not all fraudsters are bad people. Even the most ethical employee can commit fraud when the circumstances are right. Ensure that the “perception of detection” – the belief by employees that they will be caught committing fraud – remains high. Don’t allow your company to create a climate where employees can succumb to temptation.
  5. Deploy an employee hotline and follow up on all tips – Companies of all sizes can benefit from an employee hotline. It is by far the most effective method to uncover fraud. Just as importantly, every tip that is received should be investigated to its logical conclusion. As soon as employees believe that the company is not treating tips seriously, they will stop calling and become very disillusioned. In fact, it is not unusual for the tipster to become the fraudster when they see others “getting away with it.”

In my opinion, if all of the allegations detailed in the report are true, everyone loses, but the biggest losers are the children. They literally don’t know what they don’t know. As they enter college and eventually the workforce, they may never fully appreciate what a disservice they received by “passing” the CRCT.

Need a writer that understands fraud? When you hire me to write an article, blog post, newsletter, or white paper you get an accomplished writer that is also an expert in fraud.

paul@mccormackwrites.com