Thank You
In this final post of the year 2012, I would like to say a very big thanks to my regular readers,clients and others who have contacted me through this blog. I hope my thoughts and ideas have contributed positively to you and your organization.
Happy holidays to you all
Analysis and Commentary on Fraud, Money Laundering and other Financial Crime issues
Monday 24 December 2012
Monday 17 December 2012
Online
Christmas shoppers Be alert!
It
is that time of the year again when Christmas is celebrated. Millions of people
would be shopping to find the perfect gifts for loved ones, family and friends.
Majority of us would be shopping online, maybe due to other commitments or the
worry of going out, and then I thought it would be helpful to remind ourselves
of some valuable tips to remain vigilant against the danger of online fraud.
Unfortunately
online fraud is a massive problem. Reports from the Card Protection Plan (CPP) suggest
that there is a victim of online fraud every seven seconds. So it is very
important to keep safe and vigilant against these threats.
One
of the most important tips I would give is to always shop on secure websites,
this means websites that has a small padlock symbol in the right hand side of
the address bar that encrypt any sensitive financial information that you
input. Websites that start their web addresses with: https//www means the
website should be trusted and is secure. If we do shop on unsecure sites, we
could be putting ourselves at risk of card-not-present fraud, where card
details could potentially be used by fraudsters to take out goods or services
in your name.
Another
important tip is to always log out of sites once you’ve finished shopping. If you
use a shared computer, this means other people cannot go on and use your log-on
details to buy their Christmas gifts. And as an extra security measure, if a
website offers you the chance to use Verified by Visa or MasterCard Secure
Code, then use it. It’s easy-to-use and adds another level of verification,
which means you’re better protected against anyone gaining access to your
personal card details.
Online fraudsters are becoming increasingly sophisticated and unfortunately Christmas shoppers are a prime target, particularly due to the various sites we visit in the search for that perfect gift.
Here are the CPP’s top tips for shopping safely online:
• Install anti-virus protection, which scans for malicious files that give the PC or notebook a virus
• Install anti-phishing tools, which identify phishing e-mails and links that trick users into giving away private information
• Install an active firewall, which updates and upgrades automatically, preventing hackers from gaining access to a PC or laptop
• Keep your personal information safe. If someone asks for your personal details ask yourself why they would need them – particularly for online enquiries
• Don’t write down PIN numbers, passwords, user names unless you absolutely have to do so, and if you do, keep them to yourself
• If you store personal information on your PC, install up-to-date security software
• Remember the golden rule: identity thieves are experts at spotting an opportunity to steal your identity and all they need are a few personal details so look after them.
Monday 3 December 2012
Corruption in the Procurement Process
Procurement is a very lucrative area for corruption in every
country as a large percentage of expenditure is spent through procurement or
contract annually. “The procurement systems are those processes, procedures and
entities involved in the purchases of goods and services by public or private entities”.
This could involve construction of an expressway, consumption or investment of
goods and services, from pencils, bed sheets, drugs for hospitals, gasoline of
government cars, equipments for schools and hospitals, hiring of consultants
for engineering, financial, legal or other advisory functions.
Public Procurement is particularly vulnerable to corruption
due to the high level of funds involved. According to the Organization for
Economic Co-operation and Development (OECD), expenses related to procurement
amount to 15% of the gross domestic product and can be substantially higher in
most developing countries. A large part of health and education expenditure is
used for procurement of goods and services; one general estimate is that
between 20 to 50 % of government health expenditure is spent on drugs.
Procurement corruption can take many forms, from bribery and
kickbacks, facilitation payments, collusion, conflicts of interest, bid
rigging, vendor fraud, defective pricing and many more.
Mitigating Corruption in Procurement
The first step is recognising there is a risk of corruption in the procurement cycle and to be proactive rather than waiting till there is a problem. Mitigating strategies such as competitive bidding must be applied at all stages of the procurement, restricting contact between bidders and procurement staff, setting up a conflicts of interest register to manage possible conflicts of interest cycle. Red flags such as, expensive lifestyle unexplained by known income, unapproved external jobs, frequent social contacts with suppliers, contractors and other clients and many others must be developed for staff of every organisation.
In addition to this, the
leadership in a country must fight corruption aggressively. If grand corruption exist at the highest
level, it is almost impossible to end smaller forms of corruption. The
legislative framework in a country should cover all aspects of the procurement cycle
and all actors involved.
If you would like to know more about this subject matter, I
invite you to contact me via email (contact@emgfraudconsulting.co.uk).
Thursday 15 November 2012
How is the Fraud health of your company?
It is International Fraud Awareness week and a perfect time
to ask questions of clients.
Are you vulnerable to fraud?
Do you have adequate controls in place to prevent it?
I suggest that you test your company’s fraud health with a free
check-up tool (courtesy of the Association of Certified Fraud Examiners).
Why you should take the Fraud Prevention Check- Up
It is an affordable and easy to use way to identify gaps in your company’s fraud prevention processes. By identifying risks early, you have a chance to correct the problem before losing money and becoming a victim of fraud.
It is also a great opportunity to establish a relationship
with a Certified Fraud Examiner (CFE) whom you can call when fraud questions
arise. Since the risk of fraud can be reduced but is rarely eliminated, it is
likely your company will experience fraud in the future and will need a CFE’s
assistance.
Strong fraud prevention controls increases investors confidence in your company,which in turn will help you attract and retain
capital.
Monday 29 October 2012
Ponzi Schemes
When talking about Ponzi schemes, people normally would think of “Bernie Madoff”,but this scheme was actually named after "Charles Ponzi" who became notorious for using the technique in 1920. “The Association of Certified Fraud Examiner defines a Ponzi scheme as an illegal business practice in which in which new investors money is used to make payments to earlier investors”.
Majority of people believe that they would never fall for a scam such as this, but most people who have suffered this scheme felt the same way. Ponzi schemes have specific characteristics which include:
* Promise of a high return on investment with little or no risk. Every investment carries some degree of risk, and the greater the return, the greater the risk. Be highly suspicious of any "guaranteed" investment opportunity.
* Overly consistent returns. Investments tend to fluctuate over time, especially those seeking high returns. Be wary of any investment that continues to generate regular, positive returns even in bad market conditions.
* Unregistered investments. Ponzi schemes typically involve investments that have not been registered. Registration is important because it provides investors with access to key information about the company's management, products, services, and finances.
* Unlicensed sellers. Most countries have laws in place that require investment professionals and their firms to be licensed or registered. Most Ponzi schemes involve unlicensed individuals or unregistered firms.
* Secretive and/or complex strategies. Avoid investments you don't understand or with incomplete and unverifiable information.
* Paperwork Issues. Never accept any excuses regarding why you can't review information about an investment in writing, and always read an investment's prospectus carefully before taking any decision. Also, account statement errors may be a sign that funds are not being invested as promised.
* Difficulty receiving payments. Be suspicious if you don't receive a payment or have difficulty cashing out your investment. Have it in mind that Ponzi scheme promoters sometimes encourage participants to "roll over" promised payments by offering even higher investment returns.
A great percentage of people who invest their hard earned money into real estate, stocks and other investment opportunities do so based on trust. Whether they actually know the person they are trusting their money with, somewhere along the line, the scam artist wins their trust, convince them to invest and make them think their money is safe and going to yield substantial profits.
Fraudsters could be anyone from our social lives. They could be family, loved ones, friends and even your granddad! My candid advice to anyone who was offered an investment opportunity and is really considering it, never give away more than you can afford to live without. Ponzi schemes seem to be on the rise so if you have friends or family members who are talking about an investment of a lifetime, make sure you put all of your red flags up and really make an honest assessment of who you are trusting with your money.
If you would like to know more about this subject matter, you are most welcome to get in touch with me via email (contact@emgfraudconsulting.co.uk).
Monday 15 October 2012
WorldCom Fraud
In doing some research recently, I came across this
information:
Ten years ago
Prosecutors indicted WorldCom's former chief financial officer, Scott Sullivan,
and Buford Yates Jr., WorldCom's former director of general accounting.
(Sullivan, accused of overseeing a long-running conspiracy to hide operating
expenses in order to boost WorldCom's earnings, later admitted guilt and was
sentenced to five years in prison. Yates later pleaded guilty to securities
fraud and conspiracy and agreed to help prosecutors; he was sentenced to one
year and one day in prison.)
The WorldCom case was a classic example of financial
statement fraud. WorldCom capitalized costs that should have been expensed,
thus inflating profits in the short time. They also recorded fictitious
revenues to achieve the same goal.
Although not all frauds involve such large, well known companies, cases like WorldCom serve as an urgent reminder that all organizations need to be proactive. If you would like to learn more about the WorldCom fraud and related topics, I invite you to contact me via email (contact@emgfraudconsulting.co.uk).
Monday 1 October 2012
2012 Report to the Nations on Occupational Fraud and Abuse
The Association of Certified Fraud Examiners 2012 report to
the nation on occupational fraud and abuse is based on actual fraud cases
reported by CFEs. The report contains important facts very vital for business
owners.
·
Median loss from reported fraud cases: $140,000.
·
Percent of frauds initially detected via tip:
43%.
·
Most commonly victimized industries: banking and
financial services, government, public administration and manufacturing.
·
Percent of fraudsters with clean employment
histories: 87%.
·
Percent of cases where a fraudster exhibited at
least one red behavioural red flag: 81%.
This report also draws important conclusions about the
impact of fraud on small businesses, the importance of “hotlines” for reporting
suspected fraud and other matters.
An electronic version of this report is available via http://www.acfe.com/rttn.aspx
Wednesday 19 September 2012
Employee Fraud
This is such a sensitive topic to discuss about as the thought of acknowledging that someone you hired is committing fraud against your business is difficult to take. Business owners are often laid back on implementing fraud prevention programs, most often citing cost reasons, while others hold their collective breath, hoping and praying that somehow they miraculously avoid this employee misconduct all together or worse they are totally convinced that don’t have any employee fraud problem.
According to the 2012 Report to the Nations on Occupational Fraud and Abuse from the Association of Certified Fraud Examiners, companies lose 5% of their annual revenue due to employee misconduct. Last year alone, the median loss related to fraud cases in the workplace was $140,000, with more than one-fifth of those victimized companies seeing losses totalling at least $1 million dollars.
Fortunately, there are effective and affordable ways to reduce your risk of exposure. I have put together an 8 point program for business owners to follow in order to identify cases fraud might occur, more importantly to prevent it and educate your employees about its importance. Let me go straight into these programs:
Know your Employees: Getting to know your employees is very vital,engage them in conversations and through that, you may identify potential opportunities and risk for fraud. So from employees talking about issues such as his spouse just lost her job or an issue in the family that might create financial difficulties or if there are personal issues within the family, all those issues may be indicators for creating opportunities for fraud.
Employee Awareness: This actually starts with the hiring process, conduct background check on any potential candidate, search the person’s name on google, facebook and twitter just to see if there are any information out there, you would be surprised about the amount of information out there on the internet. This could also mean establishing set written policies for your employees, let them know you consider it a serious offence and would take serious actions if any employee violates your policy. It is important for business owners to communicate this very often to their employees.
Segregation of Duties: This is very key for reducing your exposure to fraud, you don’t want the same person to open the mail, reconcile the cheque book, make the cash deposit and pay your vendors. This would create an environment for potential fraud.
Mandatory Vacations: Most often, employees who perpetrate fraud will be unwilling to take time off work as what they are doing may be uncovered when they are gone, so it’s important to ensure employees take their vacations.
Train your Employees in Fraud Prevention: Employee tips are one of the common ways of detecting fraud, training your staff on basic fraud prevention techniques and what to do when fraud occurs will help you establish a first line of anti-fraud defence.
Carry out Employee Surveys: Asking employees how they feel about their employer is an excellent way to assess employee satisfaction and uncover possible opportunities for fraud. When used correctly, employee surveys can improve morale and help employees feel involved and in control of what happens to them in the workplace.
Establish a Hot Line: Setting up employee hotlines makes it much easier for your employees to report situations that may be going on, this also demonstrates your company’s commitment to ethical behaviour which in turn reduces the risk of fraud. “The ACFE emphasizes that employee hotlines are the most common way companies root out fraud, even though employees may be reluctant to use them to tattle on their bosses (and hence the reason that executives are able to hide it longer; lower-ranking employees tend to be able to hide for only a year). Perpetrators who have higher levels of authority are in a better position to override controls or conceal their misconduct, according to the ACFE report”.
Hire Experts. I can’t emphasize this enough, but typically the business is the biggest asset a business owner has and they do things to protect it but they don’t invest money to protect it against fraud. If you think you have uncovered a case of employee fraud, it is wise you speak to an expert such as a Certified Fraud Examiner about it, as they would give you an objective view of the matter.
This list is not exhaustive, if you want to know more about this subject matter, please get in touch with me via email (contact@emgfraudconsulting.co.uk). I would be happy to do a seminar on this or related topic in your organisation.
Tuesday 4 September 2012
The Threat of Social Networking
Social Networking is changing the way we live our lives, infact is now an integral part of the way we live, work and play. Over the years, sites like Facebook, Badoo, MySpace, Hi5 and Bebo have helped friends to connect online and share messages, pictures and videos, as well as to meet new people, chat and play games while these sites have also helped business owners in the area of marketing, communicating with customers and collecting information. It is important to note that these social networking sites have unexpected consequences, and people unaware of its inherent risk can be caught off guard.
The Risk
The growth in the popularity of social networking sites has made them and their users a prime target for fraudsters and scammers. These sites are used to spread malicious software or application downloads, to steal personal information or to target individuals or their friends and family for criminal activity (such as fraud).
Scammers can also use social networks to impersonate others (often celebrities) by setting up fake accounts in their name. Therefore it is important to be aware of the dangers arising from social networking sites and to limit the amount of information you disclose online.
Identity fraud: People do often give away unnecessary information on social networks which can then be used by fraudsters to commit crime or sell on to others.‘Live chat’ facilities are sometimes used to trick you into disclosing information. Even small pieces of information can be very useful to a fraudster more particularly when combined with other information obtained elsewhere.
Romance fraud and ‘honey traps’: Fraudsters use online dating sites to target innocent people for dishonest purposes by claiming to be who they are not. These fraudsters often use sophisticated and convincing tactics to earn your trust before asking to borrow money that will never be repaid or to have access to your bank accounts or other personal information that can then be used to commit crime.
Rogue or fake apps: These can be for anything – games, video calling, anti-virus patches, smartphones etc. Some are dummy apps leaving you out of pocket while others seek to compromise your email or account details to send spam-related or malicious site links to your friends or followers.
Fake videos: These claim to show videos of celebrities or ‘shocking’ events, but require you to complete a survey (or surveys) first Sharing or liking the posts helps to spread the scam further. Ultimately the video may be non-existent or false. Meanwhile the scammer has been paid a commission for the surveys you have completed.
Managing the Risk
· It is very important to know that social networking takes place in public places with limited privacy. Even innocent information shared with the world can be dangerous in the wrong hands.
· Be very careful about accepting ‘friend’ requests from people you do not know – don’t add them. Be careful about the type and amount of information you post about yourself, family, friends and employer when using social networks
· Be aware that some media tools e.g. "Triplt" broadcast trip and travel plans. Be cautious about posting status updates indicating where you are or going too.
· Make sure you read and understand the social network’s terms and conditions for use, no matter how boring they seem. Do some research on the internet about what others are saying about the site; are there any privacy or security issues that you should be aware of? Will your data be shared with third parties?
· Reduce the amount of personal information you post on these social networking sites. Do not disclose your home address or mobile phone number- This information can be very useful to fraudsters and others.
Gbolahan Babalola, CFE is the Director of EMG Fraud Consulting Limited. His passion is fraud prevention awareness for businesses, companies, non-profit organisations and private clients. He can be reached at contact@emgfraudconsulting.co.uk
Tuesday 14 August 2012
Phishing Scam
If you do a lot of your banking and shopping online, you may have heard of the online scam called “phishing”. Phishing is a type of fraud through which fraudsters acting as a trusted business like a bank, ask for sensitive information like usernames, passwords and credit card details. You should always be suspicious if you receive an email that seems to be from your bank asking you to verify and provide any form of personal account information.
Any email requiring such information from you is likely to be a phishing scam. Here is what a Phishing email may look like.“when you click on a link in a fraudulent email, you will be taken to a look alike website, where Phishers will run programs that can be used to steal your login information, PIN numbers, or passwords. Once the phishers have this information, they can use it to commit fraud, including stealing money from your account, or even identity theft.
Phishers often use real logos, addresses and phone numbers of organizations we all trust as bait. These look alike websites look very genuine, but remember that legitimate websites will have the letters hptts: // in the URL and a closed“padlock” icon. Remember never give out account numbers , PIN numbers or passwords online or over the phone. Never call the phone number given to you in a suspicious email, instead use the number on the back of your bank card to confirm legitimacy. Most importantly, remember that your bank will never ask you to provide personal information in an email. Watch out for emails that claim your account security has been compromised. It might look like this;
Dear valued customer,
“To verify your identity, kindly follow reference below and take the directions to instant activation. “We urge you to update your security features immediately. Failure to do so could lead to your account being compromised”.
Effective Phishing control measures include; arming computers with spam filters, antivirus and anti-spyware software and a firewall, kept up to date, deleting unsolicited emails from financial institutions,, credit unions, investments companies and government parastatals with which you are not familiar with. If any relationship exists between you and the email originator, call the organisation to confirm its legitimacy . Furthermore, avoid entering passwords or sensitive information into public computers, such as internet cafes, library, computer lab and airport kiosk. These suggested measures can help mitigate the risk of Phishing scams.
If you do fall victim to a phishing scam, please contact your bank and always endeavour to keep a close watch on transactions and credit reports.
Email: contact@emgfraudconsulting.co.uk
Twitter: @emgfraudconsult
Wednesday 1 August 2012
1
|
15 Ways to Avoid being a Victim of Fraud
Do not assume a credible-looking website is credible. Anyone can
create a website that looks legitimate.
|
2
|
An old financial cliche that has been around much longer than the
Internet applies to Web deals, too: If it seems too good to be true, it probably
is.
|
3
|
Be cautious of unsolicited e-mails and phone calls -- many are
fraudulent.
|
4
|
Be wary of anyone who asks for personal information. Do not give out
any information to a person, business or web site you have not verified with
a reputable source.
|
5
|
Your personal information should not be necessary unless you are
applying for credit. Do not give it out.
|
6
|
Be suspicious of anyone who contacts you and claims to be from a
company with whom you have an account like a bank, credit card or phone
company. If they ask for information that the business already has, do not
give it to them. Call the company independently, using the contact
information on your statement or from the official Web site.
|
7
|
Do not respond to offers that demand you act immediately or won't take
"no" for an answer.
|
8
|
Legitimate charitable causes do not need to telephone or e-mail to
solicit donations or obtain passwords to accept donations. Do not respond to
these offers or pleas for help.
|
9
|
Do not follow the unsubscribe instructions in unsolicited e-mail. In
many cases, it only verifies your e-mail address -- you will get even more
junk e-mail.
|
10
|
E-mail addresses or Web addresses that have a company name in the
address are not necessarily from that company. Go to the official Web site
for contact information.
|
11
|
Do not open e-mail attachments from unfamiliar sources. They could
contain malicious programs designed to steal your personal information.
|
12
|
Watch out for pop-up windows asking you to enter in financial data.
Legitimate companies won't require you to submit sensitive information this
way.
|
13
|
Keep your computer protected. Having anti-virus software is great, but
you also need anti-spam and spyware protection to keep scams and computer
intruders at bay. Utilize and update your firewall.
|
14
|
Watch out for online job ads that read like get-rich-quick schemes.
Think about it. No company wants to pay gobs of money for someone with no
experience to do easy work.
|
15
|
Complicate your passwords. Don't use a word or number easy to guess,
such as your significant other's name or birthday. Change them frequently.
Sources: Internet Fraud Watch, Internet Crime Complaint Centre
Twitter: @emgfraudconsult
Email: contact@emgfraudconsulting.co.uk
|
Tuesday 17 July 2012
GUEST
POST: How to Avoid Job Scams by Nicole Nicholson.
Submitted
by Gbolahan Babalola on Wednesday, 18/07/12
With
so many people searching for jobs, the possibility of being scammed into
something harmful is increased tenfold. Unfortunately, a lot of people have
jumped at the chance to take advantage of the fact that so many people need
jobs and have started to offer fake jobs in order to grab your personal
information. This can be extremely dangerous and with your information they can
fraud you out of your money and your identity. When searching for jobs,
especially online, you need to be careful to avoid these job scams. Take a look
at some of these tips and make sure you never give your information to a shady
online job offer.
The first things you should be aware of are the job listings themselves. A lot of the job scams that are out there now are listed under the guise of very popular and generic job titles. For instance, job titles like “customer service representative” or “administrative assistant” are well-known positions that the majority of people are qualified for. Pay careful attention to these job titles and make sure they are legit. Another easy way to scam job seekers is to tell them that “telecommuting is OK.” This will draw in a lot of people because, let’s face it, who doesn’t want to work in the comfort of their own home? A lot of these positions won’t list a specific location and that is a big sign that this job is a scam. Most of these fraudulent job offers will boast amazing earnings. Do you really think you can make $1,000 a week by doing virtually no work? Let’s be real here, this doesn’t exist.
The first things you should be aware of are the job listings themselves. A lot of the job scams that are out there now are listed under the guise of very popular and generic job titles. For instance, job titles like “customer service representative” or “administrative assistant” are well-known positions that the majority of people are qualified for. Pay careful attention to these job titles and make sure they are legit. Another easy way to scam job seekers is to tell them that “telecommuting is OK.” This will draw in a lot of people because, let’s face it, who doesn’t want to work in the comfort of their own home? A lot of these positions won’t list a specific location and that is a big sign that this job is a scam. Most of these fraudulent job offers will boast amazing earnings. Do you really think you can make $1,000 a week by doing virtually no work? Let’s be real here, this doesn’t exist.
Posted
jobs like this are unrealistic and only want your information for
unsatisfactory purposes. However tempted you may be, stay away. Earning a large
sum of money for doing nothing only exists for possibly 0.5 percent of the
working population- and those people likely worked very hard to get where they
are now. Or maybe they didn’t. Either way, it’s not a realistic job offer.
A
lot of these job offers also forget that adequate grammar and punctuation is
necessary for companies offering open positions. Many job scams will have job
descriptions with tons of misspelled words and obnoxious punctuation. Know that
if a reputable company has an open position and wants to hire someone competent
and intelligent, they will likely be competent themselves. Real companies
posting real job offers will take time to type up their open positions and will
likely know how to spell. If it is, in fact, a real job post do you think you
would even want to work for a company that didn’t take the time to make sure
their job post was professional and correct? I’m not quite sure I would.
Another
thing to look out for are the posts that boast“no experience necessary”yet the
earnings are high. Again, let’s be real here. What company is really going to
pay a candidate tons of money when they don’t have any experience? This is
another description of a fantasy job that just doesn’t exist. Most importantly,
any job post that asks you to fill out applications that require tireless
amounts of your personal information is likely a scam. Even more important, if
this job offer is asking for your checking or banking information run far, far
away! No legitimate company will ask you for this kind of information just to
apply for their open position. Never, never, never give personal information
like this away online for job offers. This is a scam and if you participate in
it you can pay a high price. Literally.
If
you for some reason miss any of these tell-tale signs that this is a job scam,
then be careful to note a couple more things. If the company’s email is from
yahoo, gmail, hotmail account or any other free mail service provider, this is
probably a scam. Companies don’t use free mail services. Their emails likely
end in their company name. All in all, in order to avoid job scams you really
just need to use your common sense. As stated earlier, no one gets paid to do
nothing and if you do, please tell me where I can get your job! These kinds of
promises only exist in job market paradise. It’s unfortunate that people out
there try so hard to take advantage of job seekers in this weak market, but
it’s a reality. Don’t fall victim to the these job scams and do everything you
can to avoid them.
Twitter: @emgfraudconsult
Email: contact@emgfraudconsulting.co.uk
Twitter: @emgfraudconsult
Email: contact@emgfraudconsulting.co.uk
Subscribe to:
Posts (Atom)