The Fraud Examiner
Are You Keeping up with the Fraudsters Online?
By Laura Hymes, CFE
New online and technological developments are constantly popping up; some change our standard investigative approaches, while others disappear before most of us even hear about them. Fraud examiners do not need to become tech experts to be successful in their careers, but they do need a basic understanding of advances in the industry and a strategy to stay up-to-date on the relevant trends. Sure, technology can be scary … but it doesn’t have to be!
The fundamentals of fraud schemes do not change, but technology alters how fraudsters commit their crimes. The first step to cultivating technological awareness is to understand how different trends in the online and IT realms can affect fraud examinations. The following are a few broad topics for illustration purposes; they are not intended to be inclusive of all emerging trends.
Virtual Currency and Banking
Bitcoin was the first mainstream digital currency, but new competitors have arrived on the scene. The appeal of virtual currencies (also called cryptocurrencies) for fraudsters is the anonymity and lack of traditional financial-institution controls that they offer. Dash (formerly Darkcoin) is a newcomer that offers users more privacy than Bitcoin and makes it more difficult for investigators to trace purchases. Dash uses a decentralized network of servers to route transactions and hide customers’ identifying information, while also encrypting sensitive data to add another layer of anonymity. Fraudsters can use such cryptocurrencies to engage in a host of illegal activities, and investigators might not have the tools to track them down.
The cost of sophisticated devices and services continues to decrease as engineers and developers make technology more efficient. This is great for consumers, and even better for criminals. Burner phones with pre-paid data plans and SIM cards, Bring Your Own Device (BYOD) programs at work and cloud storage are a few byproducts of this economizing trend, and they all open up organizations to fraud in challenging new ways.
BYOD in particular has recently caught the attention of executives. Employees using their own devices to work on proprietary files, sometimes through unsecured Internet connections, essentially paint a big red target on their employers’ sensitive data. Personal devices often lack the security controls that company-provided devices have.
Social media, hacking, corporate espionage and data breaches — identity thieves now have more tools to help them than ever before. Social media makes it easy for fraudsters to cull data about a target before attempting social engineering to retrieve passwords or other valuable information. The more information individuals post online about themselves or their employers, the more vulnerable they become to an attack. Organizations suffer hacking, corporate espionage and data breaches at alarming rates. Both small- and large-scale attacks have the same goal: confiscate identifying information for nefarious purposes.
Anonymous Browsing, Selling and Purchasing
Not a member? Click here to Join Now and access the full page.
Darknets are networks that allow users to browse the Deep Web, which includes web pages that popular search engines have not indexed. Many of these sites offer fraudsters the ability to buy or sell illegal items and services anonymously. Most investigators know about Tor, the most popular darknet for security buffs, hobbyists and fraudsters alike. I2P is a new service that offers users even more anonymity than Tor and, therefore, causes even more trouble for investigators.