The Association of Certified Fraud Examiners released their biannual survey this year on occupational fraud; the survey again shows the average organization loses 5% of its annual gross revenue to fraud.1 The issues stemming from fraud can be magnified significantly during an economic crisis such as the one the United States is currently experiencing due to COVID-19. The fraud in such an economy can be categorized into two groups: fraud which has been ongoing and only uncovered due to the drop in the economy, and fraudsters taking advantage of the economic situation.
Ongoing Fraud Revealed
Warren Buffett once said, “Only when the tide goes out do you discover who’s been swimming naked.”
The latest drop in the market will likely uncover some fraud, as the last two recessions did. The market drops in 2000 and 2001 resulted in the uncovering of frauds in Enron and WorldCom and many other “dot com” bubble companies. The market drops in 2008 resulted in the uncovering of Bernie Madoff’s Ponzi scheme as well as several other frauds.
The current crisis to hit the economy will uncover a plethora of fraud, waste, and abuse over the next several months to years. This type of fraudulent activity has been there all along; it never really left after the mortgage fraud prosecutions of 2008 had subsided, but the rising economy causes companies to overlook such issues and problems. The companies are then forced to reckon with the issues when the economy declines and budgets get tight.
Several years ago, I worked on a case in which a business manager had been committing fraud. The business manager had access to the checks and the checking account, as well as the ability to make entries in the general ledger. Shortly after the investigation began, the fraud was uncovered. The business manager admitted to the fraud when confronted with the evidence, but, in spite of the evidence and the admission, the owner decided not to fire the business manager. The reasoning was that the fraud uncovered was not material to the company. Just a few short years later, however, when the economy was tight, the fraud became material, and the business manager was fired. Just as a side note, after they fired him, the company found that he had been stealing from the company in many other ways.
The high tide of the good economy over the past decade has enabled many fraudsters to hide their crimes. The sharp drop in the economy will cause companies to reexamine their budgets, tighten their belts, and cut expenses. As they do so, many will find instances and examples of employee fraud, vendor fraud, poor financial management, and a host of other issues.
Indeed, the next few months and years will be interesting from a financial fraud perspective to see what is uncovered and who has been “swimming naked.”
New Fraud Schemes
The drop in the economy has also provided new vectors for fraudsters to create schemes to defraud the government, people, and companies. Just recently it was revealed that charges were being brought against a man in Rhode Island who applied for a PPP loan under the CARES Act.2 The man did not have any employees, however, and one of the defendants lied to an undercover FBI agent. Fraudulent PPP loan applications are just one of many novel ways in which fraudsters are taking advantage of the novel coronavirus.
Another fraud taking place involves fake charities seeking donations. A search of recent domain name registrations reveals a number of new websites with “COVID-19” and “charity” in their names. Searching for “covid” through “*.com” domain names returned over 42,000 domain names with the word “covid” in them. Limiting the search to names with “covid” and “charity” or “test” or “vaccine” revealed several thousand websites purporting to offer home testing or tests of vaccines.
Many older frauds have made a resurgence. The increase in work-from-home employees means that many employees are now working outside of the protections of their company’s firewall or email scanning services. The absence of corporate-grade scanning services has allowed the cyber fraudsters to target employees directly. Several weeks ago, I received a number of inquiries from individuals receiving extortion emails: emails in which the cyber fraudster threatens to reveal embarrassing information unless an extortion payment is made. The emails purport to verify the fraudster’s threat by including an email address and a password. The passwords are actual passwords used by the email recipient and are from old data breaches such as LinkedIn, Marriott, and Yahoo. Because the fraudster includes an actual password, the email appears to be a legitimate threat, and the recipients may be tricked into paying the extortion.
Awareness is the Key
Fraud, it seems, is inescapable. It is omnipresent and makes periodic resurgences in tough economies. The fraudsters themselves are looking for money as well. The key for prevention is awareness. Educate your clients and employees as to the possibilities of fraud. Talk early and often about the new types of fraud, and the new ways in which fraudsters are attempting to reach into your network. The fraudsters have an advantage when communication is poor; when we are all separated by distance while working from home and feeling separated from normal support groups, the fraudsters will try to fill that void.
Establish a hotline or webpage for your clients and employees. When employees are working remotely, your clients may be without the communication necessary to find out if an email is legitimate or a business email compromise (BEC) fraud.
Update the information regularly and communicate often. Once established, a communication portal should be regularly updated. Ensure that there are regular postings and that information does not become stale. The fraudsters and the schemes evolve almost daily in times such as these and the communications should be constantly updated as well.
Review internal policies and procedures. It is also a good time to review internal business continuity plans, cyber security policies, insurance, and software agreements. Most agreements and policies did not fully anticipate a pandemic with a work-from-home option. Review those agreements to ensure you and your organization are covered if a phishing scam or ransomware attack occurs at a work-from-home location.
For more information, contact Bob Kardell, J.D., MBA, CISSP, CPA, CFE, CFF, attorney at Baird Holm LLP, 402-636-8313, or email@example.com.
Bob is a member of the Technology and Intellectual Property Section of Baird Holm LLP specializing in cybersecurity and breach response. Bob is also a retired FBI Special Agent with over 27 years of fraud and investigative experience.