Thank You

In this final post of the year 2012, I would like to say a very big thanks to my regular readers,clients and others who have contacted me through this blog. I hope my thoughts and ideas have contributed positively to you and your organization.

Happy holidays to you all

Online Christmas shoppers Be alert!

It is that time of the year again when Christmas is celebrated. Millions of people would be shopping to find the perfect gifts for loved ones, family and friends. Majority of us would be shopping online, maybe due to other commitments or the worry of going out, and then I thought it would be helpful to remind ourselves of some valuable tips to remain vigilant against the danger of online fraud.

Unfortunately online fraud is a massive problem. Reports from the Card Protection Plan (CPP) suggest that there is a victim of online fraud every seven seconds. So it is very important to keep safe and vigilant against these threats.

One of the most important tips I would give is to always shop on secure websites, this means websites that has a small padlock symbol in the right hand side of the address bar that encrypt any sensitive financial information that you input. Websites that start their web addresses with: https//www means the website should be trusted and is secure. If we do shop on unsecure sites, we could be putting ourselves at risk of card-not-present fraud, where card details could potentially be used by fraudsters to take out goods or services in your name.

Another important tip is to always log out of sites once you’ve finished shopping. If you use a shared computer, this means other people cannot go on and use your log-on details to buy their Christmas gifts. And as an extra security measure, if a website offers you the chance to use Verified by Visa or MasterCard Secure Code, then use it. It’s easy-to-use and adds another level of verification, which means you’re better protected against anyone gaining access to your personal card details.

Online fraudsters are becoming increasingly sophisticated and unfortunately Christmas shoppers are a prime target, particularly due to the various sites we visit in the search for that perfect gift.

Here are the CPP’s top tips for shopping safely online:

• Install anti-virus protection, which scans for malicious files that give the PC or notebook a virus
• Install anti-phishing tools, which identify phishing e-mails and links that trick users into giving away private information
• Install an active firewall, which updates and upgrades automatically, preventing hackers from gaining access to a PC or laptop
• Keep your personal information safe. If someone asks for your personal details ask yourself why they would need them – particularly for online enquiries
• Don’t write down PIN numbers, passwords, user names unless you absolutely have to do so, and if you do, keep them to yourself
• If you store personal information on your PC, install up-to-date security software
• Remember the golden rule: identity thieves are experts at spotting an opportunity to steal your identity and all they need are a few personal details so look after them.

 

 

 

Corruption in the Procurement Process

Procurement is a very lucrative area for corruption in every country as a large percentage of expenditure is spent through procurement or contract annually. “The procurement systems are those processes, procedures and entities involved in the purchases of goods and services by public or private entities”. This could involve construction of an expressway, consumption or investment of goods and services, from pencils, bed sheets, drugs for hospitals, gasoline of government cars, equipments for schools and hospitals, hiring of consultants for engineering, financial, legal or other advisory functions.

Public Procurement is particularly vulnerable to corruption due to the high level of funds involved. According to the Organization for Economic Co-operation and Development (OECD), expenses related to procurement amount to 15% of the gross domestic product and can be substantially higher in most developing countries. A large part of health and education expenditure is used for procurement of goods and services; one general estimate is that between 20 to 50 % of government health expenditure is spent on drugs.

Procurement corruption can take many forms, from bribery and kickbacks, facilitation payments, collusion, conflicts of interest, bid rigging, vendor fraud, defective pricing and many more.

 

Mitigating Corruption in Procurement

The first step is recognising there is a risk of corruption in the procurement cycle and to be proactive rather than waiting till there is a problem. Mitigating strategies such as competitive bidding must be applied at all stages of the procurement, restricting contact between bidders and procurement staff, setting up a conflicts of interest register to manage possible conflicts of interest cycle. Red flags such as, expensive lifestyle unexplained by known income, unapproved external jobs, frequent social contacts with suppliers, contractors and other clients and many others must be developed for staff of every organisation.
 

In addition to this, the leadership in a country must fight corruption aggressively.  If grand corruption exist at the highest level, it is almost impossible to end smaller forms of corruption. The legislative framework in a country should cover all aspects of the procurement cycle and all actors involved.

If you would like to know more about this subject matter, I invite you to contact me via email (contact@emgfraudconsulting.co.uk).

How is the Fraud health of your company?

It is International Fraud Awareness week and a perfect time to ask questions of clients.

Are you vulnerable to fraud?

Do you have adequate controls in place to prevent it?

 

I suggest that you test your company’s fraud health with a free check-up tool (courtesy of the Association of Certified Fraud Examiners).

Why you should take the Fraud Prevention Check- Up

It is an affordable and easy to use way to identify gaps in your company’s fraud prevention processes. By identifying risks early, you have a chance to correct the problem before losing money and becoming a victim of fraud.

It is also a great opportunity to establish a relationship with a Certified Fraud Examiner (CFE) whom you can call when fraud questions arise. Since the risk of fraud can be reduced but is rarely eliminated, it is likely your company will experience fraud in the future and will need a CFE’s assistance.

Strong fraud prevention controls increases investors confidence in your company,which in turn will help you attract and retain capital.

Ponzi Schemes

When talking about Ponzi schemes, people normally would think of “Bernie Madoff”,but this scheme was actually named after "Charles Ponzi" who became notorious for using the technique in 1920. “The Association of Certified Fraud Examiner defines a Ponzi scheme as an illegal business practice in which in which new investors money is used to make payments to earlier investors”.

Majority of people believe that they would never fall for a scam such as this, but most people who have suffered this scheme felt the same way. Ponzi schemes have specific characteristics which include:

* Promise of a high return on investment with little or no risk. Every investment carries some degree of risk, and the greater the return, the greater the risk. Be highly suspicious of any "guaranteed" investment opportunity.

* Overly consistent returns. Investments tend to fluctuate over time, especially those seeking high returns. Be wary of any investment that continues to generate regular, positive returns even in bad market conditions.

* Unregistered investments. Ponzi schemes typically involve investments that have not been registered. Registration is important because it provides investors with access to key information about the company's management, products, services, and finances.

* Unlicensed sellers. Most countries have laws in place that require investment professionals and their firms to be licensed or registered. Most Ponzi schemes involve unlicensed individuals or unregistered firms.

* Secretive and/or complex strategies. Avoid investments you don't understand or with incomplete and unverifiable information.

* Paperwork Issues. Never accept any excuses regarding why you can't review information about an investment in writing, and always read an investment's prospectus carefully before taking any decision. Also, account statement errors may be a sign that funds are not being invested as promised.

* Difficulty receiving payments. Be suspicious if you don't receive a payment or have difficulty cashing out your investment. Have it in mind that Ponzi scheme promoters sometimes encourage participants to "roll over" promised payments by offering even higher investment returns.

A great percentage of people who invest their hard earned money into real estate, stocks and other investment opportunities do so based on trust. Whether they actually know the person they are trusting their money with, somewhere along the line, the scam artist wins their trust, convince them to invest and make them think their money is safe and going to yield substantial profits.

Fraudsters could be anyone from our social lives. They could be family, loved ones, friends and even your granddad! My candid advice to anyone who was offered an investment opportunity and is really considering it, never give away more than you can afford to live without. Ponzi schemes seem to be on the rise so if you have friends or family members who are talking about an investment of a lifetime, make sure you put all of your red flags up and really make an honest assessment of who you are trusting with your money.

If you would like to know more about this subject matter, you are most welcome to get in touch with me via email (contact@emgfraudconsulting.co.uk).

WorldCom Fraud

In doing some research recently, I came across this information:

Ten years ago Prosecutors indicted WorldCom's former chief financial officer, Scott Sullivan, and Buford Yates Jr., WorldCom's former director of general accounting. (Sullivan, accused of overseeing a long-running conspiracy to hide operating expenses in order to boost WorldCom's earnings, later admitted guilt and was sentenced to five years in prison. Yates later pleaded guilty to securities fraud and conspiracy and agreed to help prosecutors; he was sentenced to one year and one day in prison.)

 

The WorldCom case was a classic example of financial statement fraud. WorldCom capitalized costs that should have been expensed, thus inflating profits in the short time. They also recorded fictitious revenues to achieve the same goal.

Although not all frauds involve such large, well known companies, cases like WorldCom serve as an urgent reminder that all organizations need to be proactive. If you would like to learn more about the WorldCom fraud and related topics, I invite you to contact me via email (contact@emgfraudconsulting.co.uk).

2012 Report to the Nations on Occupational Fraud and Abuse

 

The Association of Certified Fraud Examiners 2012 report to the nation on occupational fraud and abuse is based on actual fraud cases reported by CFEs. The report contains important facts very vital for business owners.

 

·         Median loss from reported fraud cases: $140,000.

·         Percent of frauds initially detected via tip: 43%.

·         Most commonly victimized industries: banking and financial services, government, public administration and manufacturing.

·         Percent of fraudsters with clean employment histories: 87%.

·         Percent of cases where a fraudster exhibited at least one red behavioural red flag: 81%.

 

This report also draws important conclusions about the impact of fraud on small businesses, the importance of “hotlines” for reporting suspected fraud and other matters.

  

An electronic version of this report is available via http://www.acfe.com/rttn.aspx

Employee Fraud

This is such a sensitive topic to discuss about as the thought of acknowledging that someone you hired is committing fraud against your business is difficult to take. Business owners are often laid back on implementing fraud prevention programs, most often citing cost reasons, while others hold their collective breath, hoping and praying that somehow they miraculously avoid this employee misconduct all together or worse they are totally convinced that don’t have any employee fraud problem.

According to the 2012 Report to the Nations on Occupational Fraud and Abuse from the Association of Certified Fraud Examiners, companies lose 5% of their annual revenue due to employee misconduct. Last year alone, the median loss related to fraud cases in the workplace was $140,000, with more than one-fifth of those victimized companies seeing losses totalling at least $1 million dollars.

Fortunately, there are effective and affordable ways to reduce your risk of exposure. I have put together an 8 point program for business owners to follow in order to identify cases fraud might occur, more importantly to prevent it and educate your employees about its importance. Let me go straight into these programs:

Know your Employees: Getting to know your employees is very vital,engage them in conversations and through that, you may identify potential opportunities and risk for fraud. So from employees talking about issues such as his spouse just lost her job or an issue in the family that might create financial difficulties or if there are personal issues within the family, all those issues may be indicators for creating opportunities for fraud.

Employee Awareness: This actually starts with the hiring process, conduct background check on any potential candidate, search the person’s name on google, facebook and twitter just to see if there are any information out there, you would be surprised about the amount of information out there on the internet. This could also mean establishing set written policies for your employees, let them know you consider it a serious offence and would take serious actions if any employee violates your policy. It is important for business owners to communicate this very often to their employees.

Segregation of Duties: This is very key for reducing your exposure to fraud, you don’t want the same person to open the mail, reconcile the cheque book, make the cash deposit and pay your vendors. This would create an environment for potential fraud.

Mandatory Vacations: Most often, employees who perpetrate fraud will be unwilling to take time off work as what they are doing may be uncovered when they are gone, so it’s important to ensure employees take their vacations.

Train your Employees in Fraud Prevention: Employee tips are one of the common ways of detecting fraud, training your staff on basic fraud prevention techniques and what to do when fraud occurs will help you establish a first line of anti-fraud defence.

Carry out Employee Surveys: Asking employees how they feel about their employer is an excellent way to assess employee satisfaction and uncover possible opportunities for fraud. When used correctly, employee surveys can improve morale and help employees feel involved and in control of what happens to them in the workplace.

Establish a Hot Line: Setting up employee hotlines makes it much easier for your employees to report situations that may be going on, this also demonstrates your company’s commitment to ethical behaviour which in turn reduces the risk of fraud. “The ACFE emphasizes that employee hotlines are the most common way companies root out fraud, even though employees may be reluctant to use them to tattle on their bosses (and hence the reason that executives are able to hide it longer; lower-ranking employees tend to be able to hide for only a year). Perpetrators who have higher levels of authority are in a better position to override controls or conceal their misconduct, according to the ACFE report”.

Hire Experts. I can’t emphasize this enough, but typically the business is the biggest asset a business owner has and they do things to protect it but they don’t invest money to protect it against fraud. If you think you have uncovered a case of employee fraud, it is wise you speak to an expert such as a Certified Fraud Examiner about it, as they would give you an objective view of the matter.

This list is not exhaustive, if you want to know more about this subject matter, please get in touch with me via email (contact@emgfraudconsulting.co.uk). I would be happy to do a seminar on this or related topic in your organisation.

The Threat of Social Networking

Social Networking is changing the way we live our lives, infact is now an integral part of the way we live, work and play. Over the years, sites like Facebook, Badoo, MySpace, Hi5 and Bebo have helped friends to connect online and share messages, pictures and videos, as well as to meet new people, chat and play games while these sites have also helped business owners in the area of marketing, communicating with customers and collecting information. It is important to note that these social networking sites have unexpected consequences, and people unaware of its inherent risk can be caught off guard.

The Risk

The growth in the popularity of social networking sites has made them and their users a prime target for fraudsters and scammers. These sites are used to spread malicious software or application downloads, to steal personal information or to target individuals or their friends and family for criminal activity (such as fraud).

Scammers can also use social networks to impersonate others (often celebrities) by setting up fake accounts in their name. Therefore it is important to be aware of the dangers arising from social networking sites and to limit the amount of information you disclose online.

Common Types of Scams

Identity fraud: People do often give away unnecessary information on social networks which can then be used by fraudsters to commit crime or sell on to others.‘Live chat’ facilities are sometimes used to trick you into disclosing information. Even small pieces of information can be very useful to a fraudster more particularly when combined with other information obtained elsewhere.

Romance fraud and ‘honey traps’: Fraudsters use online dating sites to target innocent people for dishonest purposes by claiming to be who they are not. These fraudsters often use sophisticated and convincing tactics to earn your trust before asking to borrow money that will never be repaid or to have access to your bank accounts or other personal information that can then be used to commit crime.

Rogue or fake apps: These can be for anything – games, video calling, anti-virus patches, smartphones etc. Some are dummy apps leaving you out of pocket while others seek to compromise your email or account details to send spam-related or malicious site links to your friends or followers.

Fake videos: These claim to show videos of celebrities or ‘shocking’ events, but require you to complete a survey (or surveys) first Sharing or liking the posts helps to spread the scam further. Ultimately the video may be non-existent or false. Meanwhile the scammer has been paid a commission for the surveys you have completed.

Managing the Risk

· It is very important to know that social networking takes place in public places with limited privacy. Even innocent information shared with the world can be dangerous in the wrong hands.

· Be very careful about accepting ‘friend’ requests from people you do not know – don’t add them. Be careful about the type and amount of information you post about yourself, family, friends and employer when using social networks

· Be aware that some media tools e.g. "Triplt" broadcast trip and travel plans. Be cautious about posting status updates indicating where you are or going too.

· Make sure you read and understand the social network’s terms and conditions for use, no matter how boring they seem. Do some research on the internet about what others are saying about the site; are there any privacy or security issues that you should be aware of? Will your data be shared with third parties?

· Reduce the amount of personal information you post on these social networking sites. Do not disclose your home address or mobile phone number- This information can be very useful to fraudsters and others.

Gbolahan Babalola, CFE is the Director of EMG Fraud Consulting Limited. His passion is fraud prevention awareness for businesses, companies, non-profit organisations and private clients. He can be reached at contact@emgfraudconsulting.co.uk

Phishing Scam

If you do a lot of your banking and shopping online, you may have heard of the online scam called “phishing”. Phishing is a type of fraud through which fraudsters acting as a trusted business like a bank, ask for sensitive information like usernames, passwords and credit card details. You should always be suspicious if you receive an email that seems to be from your bank asking you to verify and provide any form of personal account information.

Any email requiring such information from you is likely to be a phishing scam. Here is what a Phishing email may look like.“when you click on a link in a fraudulent email, you will be taken to a look alike website, where Phishers will run programs that can be used to steal your login information, PIN numbers, or passwords. Once the phishers have this information, they can use it to commit fraud, including stealing money from your account, or even identity theft.

Phishers often use real logos, addresses and phone numbers of organizations we all trust as bait. These look alike websites look very genuine, but remember that legitimate websites will have the letters hptts: // in the URL and a closed“padlock” icon. Remember never give out account numbers , PIN numbers or passwords online or over the phone. Never call the phone number given to you in a suspicious email, instead use the number on the back of your bank card to confirm legitimacy. Most importantly, remember that your bank will never ask you to provide personal information in an email. Watch out for emails that claim your account security has been compromised. It might look like this;

Dear valued customer,

“To verify your identity, kindly follow reference below and take the directions to instant activation. “We urge you to update your security features immediately. Failure to do so could lead to your account being compromised”.

Effective Phishing control measures include; arming computers with spam filters, antivirus and anti-spyware software and a firewall, kept up to date, deleting unsolicited emails from financial institutions,, credit unions, investments companies and government parastatals with which you are not familiar with. If any relationship exists between you and the email originator, call the organisation to confirm its legitimacy . Furthermore, avoid entering passwords or sensitive information into public computers, such as internet cafes, library, computer lab and airport kiosk. These suggested measures can help mitigate the risk of Phishing scams.

If you do fall victim to a phishing scam, please contact your bank and always endeavour to keep a close watch on transactions and credit reports.

Email: contact@emgfraudconsulting.co.uk

Twitter: @emgfraudconsult

1	15 Ways to Avoid being a Victim of Fraud Do not assume a credible-looking website is credible. Anyone can create a website that looks legitimate.
2	An old financial cliche that has been around much longer than the Internet applies to Web deals, too: If it seems too good to be true, it probably is.
3	Be cautious of unsolicited e-mails and phone calls -- many are fraudulent.
4	Be wary of anyone who asks for personal information. Do not give out any information to a person, business or web site you have not verified with a reputable source.
5	Your personal information should not be necessary unless you are applying for credit. Do not give it out.
6	Be suspicious of anyone who contacts you and claims to be from a company with whom you have an account like a bank, credit card or phone company. If they ask for information that the business already has, do not give it to them. Call the company independently, using the contact information on your statement or from the official Web site.
7	Do not respond to offers that demand you act immediately or won't take "no" for an answer.
8	Legitimate charitable causes do not need to telephone or e-mail to solicit donations or obtain passwords to accept donations. Do not respond to these offers or pleas for help.
9	Do not follow the unsubscribe instructions in unsolicited e-mail. In many cases, it only verifies your e-mail address -- you will get even more junk e-mail.
10	E-mail addresses or Web addresses that have a company name in the address are not necessarily from that company. Go to the official Web site for contact information.
11	Do not open e-mail attachments from unfamiliar sources. They could contain malicious programs designed to steal your personal information.
12	Watch out for pop-up windows asking you to enter in financial data. Legitimate companies won't require you to submit sensitive information this way.
13	Keep your computer protected. Having anti-virus software is great, but you also need anti-spam and spyware protection to keep scams and computer intruders at bay. Utilize and update your firewall.
14	Watch out for online job ads that read like get-rich-quick schemes. Think about it. No company wants to pay gobs of money for someone with no experience to do easy work.
15	Complicate your passwords. Don't use a word or number easy to guess, such as your significant other's name or birthday. Change them frequently. Sources: Internet Fraud Watch, Internet Crime Complaint Centre Twitter: @emgfraudconsult Email: contact@emgfraudconsulting.co.uk

GUEST POST: How to Avoid Job Scams by Nicole Nicholson.

Submitted by Gbolahan Babalola on Wednesday, 18/07/12

With so many people searching for jobs, the possibility of being scammed into something harmful is increased tenfold. Unfortunately, a lot of people have jumped at the chance to take advantage of the fact that so many people need jobs and have started to offer fake jobs in order to grab your personal information. This can be extremely dangerous and with your information they can fraud you out of your money and your identity. When searching for jobs, especially online, you need to be careful to avoid these job scams. Take a look at some of these tips and make sure you never give your information to a shady online job offer.

The first things you should be aware of are the job listings themselves. A lot of the job scams that are out there now are listed under the guise of very popular and generic job titles. For instance, job titles like “customer service representative” or “administrative assistant” are well-known positions that the majority of people are qualified for. Pay careful attention to these job titles and make sure they are legit. Another easy way to scam job seekers is to tell them that “telecommuting is OK.” This will draw in a lot of people because, let’s face it, who doesn’t want to work in the comfort of their own home? A lot of these positions won’t list a specific location and that is a big sign that this job is a scam. Most of these fraudulent job offers will boast amazing earnings. Do you really think you can make $1,000 a week by doing virtually no work? Let’s be real here, this doesn’t exist.

  

Posted jobs like this are unrealistic and only want your information for unsatisfactory purposes. However tempted you may be, stay away. Earning a large sum of money for doing nothing only exists for possibly 0.5 percent of the working population- and those people likely worked very hard to get where they are now. Or maybe they didn’t. Either way, it’s not a realistic job offer.

A lot of these job offers also forget that adequate grammar and punctuation is necessary for companies offering open positions. Many job scams will have job descriptions with tons of misspelled words and obnoxious punctuation. Know that if a reputable company has an open position and wants to hire someone competent and intelligent, they will likely be competent themselves. Real companies posting real job offers will take time to type up their open positions and will likely know how to spell. If it is, in fact, a real job post do you think you would even want to work for a company that didn’t take the time to make sure their job post was professional and correct? I’m not quite sure I would.

Another thing to look out for are the posts that boast“no experience necessary”yet the earnings are high. Again, let’s be real here. What company is really going to pay a candidate tons of money when they don’t have any experience? This is another description of a fantasy job that just doesn’t exist. Most importantly, any job post that asks you to fill out applications that require tireless amounts of your personal information is likely a scam. Even more important, if this job offer is asking for your checking or banking information run far, far away! No legitimate company will ask you for this kind of information just to apply for their open position. Never, never, never give personal information like this away online for job offers. This is a scam and if you participate in it you can pay a high price. Literally.

If you for some reason miss any of these tell-tale signs that this is a job scam, then be careful to note a couple more things. If the company’s email is from yahoo, gmail, hotmail account or any other free mail service provider, this is probably a scam. Companies don’t use free mail services. Their emails likely end in their company name. All in all, in order to avoid job scams you really just need to use your common sense. As stated earlier, no one gets paid to do nothing and if you do, please tell me where I can get your job! These kinds of promises only exist in job market paradise. It’s unfortunate that people out there try so hard to take advantage of job seekers in this weak market, but it’s a reality. Don’t fall victim to the these job scams and do everything you can to avoid them.

        Twitter: @emgfraudconsult
        Email:  contact@emgfraudconsulting.co.uk