When seeing the term “ghost fraud,” your mind might start thinking about the controversial careers of psychics and “ghost whisperers.” While these unorthodox and potentially predatory behaviors towards the bereaved have been around for decades, real ghost frauds are spookier and far more costly.
These insidious fraud schemes have nothing to do with spirits and everything to do with hidden payrolls and hijacked mobile wallets. These frightening schemes are known as ghost employee fraud and ghost tap fraud, and they pose serious risks to businesses across many industries.
Ghost Employee Fraud
Despite the name, a “ghost” employee is not a well-designed bot programmed to scam the system by applying through job boards. Ghost employee fraud is a common form of internal occupational fraud where an employee, typically with payroll access, adds a non-existent employee (the “ghost”) to the company’s payroll. The fraudster then collects the wages and/or benefits that were intended for the phantom employee.
Ghost (Employee) Sighting
Recently in South Africa, the Johannesburg Commercial Crimes Court sentenced two former employees of the Gauteng Department of Education to prison for carrying out a ghost employee scheme that siphoned off around $175,000 (ZAF 3 million).
Ghost Tapping Fraud
While ghost employees haunt the corporate payroll, ghost tapping is the new monster operating in broad daylight.
This scheme involves the fraudster using a mobile device to steal the victim’s card information and loading it onto a mobile wallet without the victim's knowledge. According to research from Recorded Future’s Insikt Group, fraudsters use Near Field Communication (NFC) relay tactics to gain access to mobile payment services like Apple Pay or Google Pay. “This technique allows these threat actors to provide mules with stolen payment card details linked to contactless payment systems in person to obtain physical goods, eventually transporting and reselling stolen goods for profit.”
Ghost (Tap) Sighting
In August, a 25-year-old woman was arrested in Auckland, New Zealand, for using multiple phones to quickly execute the “ghost tapping” operation, making an unauthorized purchase of more than $6,000. This scheme was halted when security at a high-end store called the police, right after she unsuccessfully attempted to use multiple phones to carry out this “ghost tapping” scam at a nearby jewelry store.
Avoid Getting Haunted by a Ghost (Fraud)
Organizations must get ahead of potential ghost employee schemes by preventing them before they happen and implementing stronger internal controls. Here are a few ways to protect your organization from this type of fraud:
- Regularly review employee records by validating credentials and checking physical addresses.
- Check for payroll abnormalities, such as multiple payments to the same bank account.
- Cross-reference payroll with attendance by double-checking that the name on the payroll has verifiable time and attendance records.
- Outsource payroll processing to a third party to add a layer of protection within your internal system.
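The record, bank-account and attendance checks listed above can be automated as a recurring review. The following is an added example, not part of the original article; the field names and sample records are constructed for illustration.

```python
from collections import defaultdict

# Constructed sample data; field names are assumptions, not a real payroll schema.
PAYROLL = [
    {"emp_id": "E100", "bank_account": "ZA-001-4471", "address": "12 Main Rd"},
    {"emp_id": "E101", "bank_account": "ZA-001-9920", "address": "8 Oak Ave"},
    {"emp_id": "E102", "bank_account": "za 001 4471", "address": "77 Hill St"},
    {"emp_id": "E103", "bank_account": "ZA-001-3305", "address": ""},
]
ATTENDANCE = [
    {"emp_id": "E100", "days_present": 21},
    {"emp_id": "E101", "days_present": 20},
    {"emp_id": "E103", "days_present": 0},
]

def normalize_account(acct):
    """Drop spaces, dashes and case so cosmetic variants compare equal."""
    return "".join(ch for ch in acct if ch.isalnum()).upper()

def shared_accounts(payroll):
    """Return {account: [emp_ids]} for accounts paid under several employees."""
    by_acct = defaultdict(list)
    for row in payroll:
        by_acct[normalize_account(row["bank_account"])].append(row["emp_id"])
    return {a: ids for a, ids in by_acct.items() if len(ids) > 1}

def no_attendance(payroll, attendance):
    """Return emp_ids on payroll with no attendance record or zero days."""
    days = {r["emp_id"]: r["days_present"] for r in attendance}
    return sorted(r["emp_id"] for r in payroll if days.get(r["emp_id"], 0) == 0)

def missing_address(payroll):
    """Return emp_ids whose record has no physical address to validate."""
    return sorted(r["emp_id"] for r in payroll if not r["address"].strip())

def review_queue(payroll, attendance):
    """Merge all checks into {emp_id: [reasons]} for manual follow-up."""
    reasons = defaultdict(list)
    for ids in shared_accounts(payroll).values():
        for emp in ids:
            reasons[emp].append("bank account shared with another employee")
    for emp in no_attendance(payroll, attendance):
        reasons[emp].append("no verifiable attendance")
    for emp in missing_address(payroll):
        reasons[emp].append("no physical address on file")
    return dict(reasons)

if __name__ == "__main__":
    for emp, why in sorted(review_queue(PAYROLL, ATTENDANCE).items()):
        print(emp, "->", "; ".join(why))
```

A flag is a prompt for manual verification, not proof of fraud: shared accounts can belong to spouses, and new hires may lack attendance history.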
For ghost tapping, fraudsters can steal card information directly from mobile phones by being within a few feet of the victim. This could include walking past the victim, using a card reader while disguised as a legitimate vendor or even by counting on the victim to be inattentive. Here are a few ways to protect yourself and others from falling victim to ghost tapping:
- Keep physical cards in RFID-blocking sleeves or wallets to protect them from passive scanning.
- Confirm payment details by checking the terminal screen to verify the merchant’s name and the amount before tapping your card or mobile wallet.
- Set up transaction alerts to your mobile phone or email to keep track of all transactions, including potential fraudulent transactions.
- Monitor your accounts daily.
- Limit contactless use in high-risk areas by exercising caution in crowded or unfamiliar environments.