Pub. 15 2020-2021 Issue 1

NEBRASKA BANKERS ASSOCIATION 19 For more information, contact Bob Kardell, J.D., MBA, CISSP, CPA, CFE, CFF, attorney at Baird Holm LLP, 402-636-8313, or bkardell@bairdholm.com. Bob is a member of the Technology and Intellectual Property Section of Baird Holm LLP specializing in cybersecurity and breach response. Bob is also a retired FBI Special Agent with over 27 years of fraud and investigative experience. access to the checks, and the checking account, as well as the ability tomake entries in general ledger. Shortly after the inves- tigation began, the fraud was uncovered. The business manager admitted to the fraud when confronted with the evidence, but, in spite of the evidence and the admission, the owner decided not to fire the business manager. The reasoning was that the fraud uncovered was not material to the company. Just a few short years later, however, when the economy was tight, the fraud became material, and the business manager was fired. Just as a side note, after they fired him, the company found that he had been stealing from the company in many other ways. The high tide of the good economy over the past decade has enabledmany fraudsters to hide their crimes. The sharp drop in the economy will cause companies to reexamine their budgets, tighten their belts, and cut expenses. As they do so, many will find instances and examples of employee fraud, vendor fraud, poor financial management, and a host of other issues. Indeed, the next few months and years will be interesting from a financial fraud perspective to see what is uncovered and who has been "swimming naked." New Fraud Schemes The drop in the economy has also provided new vectors for fraudsters to create schemes to defraud the government, people, and companies. Just recently it was revealed that charges were being brought against a man in Rhode Island who applied for a PPP loan under the CARES Act. 2 The man did not have any employees, however, and one of the defendants lied to an under- cover FBI agent. Fraudulent PPP loan applications are just one of many novel ways in which fraudsters are taking advantage of the novel Corona Virus. Another fraud taking place includes fake charities seeking donations. A search of the recent registrations for domain names reveals a number of new websites with COVID-19 and charity. Searching for “covid” through “*.com” domain names returned over 42,000 domain names with the word “covid” in them. Limiting the search to names with “covid” and “charity” or “test” or “vaccine” revealed several thousand websites purporting to offer home testing or tests of vaccines. Many older frauds have made a resurgence. The increase in work-from-home employeesmeans thatmany employees are now working outside of the protections of their company’s firewall or email scanning services. The corporate grade scanning services have allowed the cyber fraudsters to target employees directly. Several weeks ago, I received a number of inquiries from indi- viduals receiving extortion emails — emails in which the cyber fraudster is threatening to reveal embarrassing information until an extortion payment is made. The emails purport to verify the fraudster’s threat by including an email address and a password. The passwords are actual passwords used by the email recipient and are from old data breaches like LinkedIn and Marriott and Yahoo. Because the fraudster includes an actual password, the email appears to be a legitimate threat, and the recipients may be tricked into paying the extortion. Awareness is the Key Fraud, it seems, is inescapable. It is omnipresent and makes periodic resurgences in tough economies. The fraudsters them- selves are looking for money as well. The key for prevention is awareness. Educate your clients and employees as to the pos- sibilities of fraud. Talk early and often about the new types of fraud, and the new ways in which fraudsters are attempting to reach into your network. The fraudsters have an advantage when communication is poor; when we are all separated by distance while working from home and feeling separated from normal support groups, the fraudsters will try to fill that void. Establish a hotline or webpage for your clients and employees. When employees are working remotely, your clients may be without the communication necessary to find out if an email is legitimate or a BEC fraud. Update the information regularly and communicate often. Once established, a communication portal should be regularly updated. Ensure that there are regular postings and that information does not become stale. The fraudsters and the schemes evolve almost daily in times such as these and the com- munications should be constantly updated as well. Review internal policies and procedures. It is also a good time to review internal business continuity plans, cyber security policies, insurance, and software agreements. Most agreements and policies did not fully anticipate a pandemic with a work from home option. Review those agreements to ensure you and your organization are covered if a phishing scam or ransomware attack occurs at a work from home location.  1 ACFE Report to the Nations, https://acfepublic.s3-us-west-2. amazonaws.com/2020-Report-to-the-Nations.pdf. 2 https://www.justice.gov/opa/pr/two-charged-rhode-island-stimulus- fraud The fraudsters have an advantage when communication is poor; when we are all separated by distance while working from home and feeling separated from normal support groups, the fraudsters will try to fill that void.