Theranos
Read Time: 7 mins
Written By:
Steve C. Morang, CFE
Digital Fingerprints
Anything You Say Can and Will Be Used Against You!
Please sign in to save this to your favorites.
During an investigation, we scour the web and social networks for employment backgrounds, contacts, education history, past behavior and so on. However, we should be concerned about information we are posting that the bad guys can use against us.
Arthur Hulnick, a former CIA officer, estimates that open-source intelligence (a form of intelligence collection management that involves finding, selecting and acquiring information from publicly available sources) accounts for "as much as 80 percent" of the entire intelligence database. (See "Sailing the Sea of OSINT in the Information Age," by Stephen C. Mercado.) This is possible, in part, because organizations and their employees freely publish information online they probably should keep to themselves. And those loose lips can lead to outright fraud. (Also see "NATO Open Source Intelligence Reader.")
JOB POSTINGS
Before you continue reading this, look at your organization's job postings and ask, "What are we telling the competition about us?"
Imagine a software company with a strong presence in Asia Pacific that posts a public job offer for a sales manager in North America. What are they telling the competition? Think of the recruiting process in your organization and how long it can take to staff a position. Is that enough time for the competition to adjust to the arrival of this new sales manager?
Your competitors find or infer from your job postings the technologies your organization uses, expansion into new areas and territories, market growth, change in structure, structural growth, etc.
What does this mean for fraud examiners? Make sure you run proper background checks on potential hires! Why? Because some job descriptions are so detailed that someone wishing to be hired for fraudulent purposes can customize his or her résumé. I just worked a case in which a candidate found a company he believed would be a good target and redesigned his résumé to boost his employment chances. The company hired him, and he then proceeded to steal intellectual property during his employment.
WEB 2.0 AND SOCIAL NETWORKS
Employees are likely to reveal valuable information to the competition on professional or personal networking sites. Fraudsters can make conclusions about a company's expansion by studying comments about new connections and relationships plus repeated trips to a city or country.
Through investigations, I have found nurses sharing concerns about care in neo-natal intensive care units, law enforcement personnel sharing sensitive assignments and sales managers claiming their stakes on new territories. Professional social networking sites tell the world about new hires and those who are leaving employers.
Employees posting information online is nothing new. In one case I worked nearly 12 years ago, a call-center employee leaked sensitive information on a web forum. This employee, who was privy to upcoming promotions offered by a telecommunication provider, would repost information online prior to a promotion launch. The company's call center then would be flooded with requests for promotions and packages that did not exist yet.
Did this employee access highly sensitive documents? Did he gain access to someone's email account? No. He simply reposted information he learned in training sessions. We had a difficult time tracking him down because back then we did not log everything. Even today, we find organizations that do not store online access information, which would allow them to adequately investigate leaks.
MARKETING DOCUMENTATION
Documents that an organization provides its clients to market its services often end up in competitors' hands. Find ways to securely communicate information that you do not want the competition obtaining.
I was involved in a recent case in which a competitor was able to reverse-engineer a product (take it apart and analyze it) by simply using the information in product brochures and documentation. Imagine your competition not only knowing your products but how you are manufacturing them. That is a serious loss of competitive advantage!
I have also been involved in cases in which individuals used marketing information to create fake companies to try to defraud possible clients. The schemes were simple: reuse information to make the companies look legitimate, solicit clients, get paid and then never deliver anything.
AS AN EXPERT WITNESS
Whatever you write, post and/or communicate may allow you to build eminence as an expert. However, opposing counsel could also use that public information to try to disqualify you as an expert or to cross-examine you in court.
AS AN INVESTIGATOR
Open-source intelligence can help you discover valuable information about players in an investigation. In one case, I found some undocumented aliens involved in a fraud scheme because they gave some prime evidence via their social media profiles, including their geographic locations. In another example, we tracked down vehicles purchased with embezzled funds simply based on suspects' photos that had been posted online.
When I begin a background investigation into a company, one of the first things I do is seek information through press releases and trade publications. Companies love to tell the world about what they are doing right. However, the competition will always seek out this valuable market intelligence.
If you want to know more about leveraging business intelligence techniques in your fraud examinations, I strongly encourage you to check out anything fellow ACFE faculty member Cynthia Hetherington teaches.
WHAT TO DO
So do you cut yourself off from the world and go off grid? Absolutely not. But make sure your organization's policies strictly control information that its employees can release through all open-source channels but especially online. When it comes to social media, establish a "think before you post" mentality.
Jean-François Legault is a senior manager with Deloitte's Forensic & Dispute Services practice in Montreal. Canada.
Searching a specific domain or website:
Finding PowerPoint documents on your site:
Arthur Hulnick, a former CIA officer, estimates that open-source intelligence (a form of intelligence collection management that involves finding, selecting and acquiring information from publicly available sources) accounts for "as much as 80 percent" of the entire intelligence database. (See "Sailing the Sea of OSINT in the Information Age," by Stephen C. Mercado.) This is possible, in part, because organizations and their employees freely publish information online they probably should keep to themselves. And those loose lips can lead to outright fraud. (Also see "NATO Open Source Intelligence Reader.")
JOB POSTINGS
Before you continue reading this, look at your organization's job postings and ask, "What are we telling the competition about us?"
Imagine a software company with a strong presence in Asia Pacific that posts a public job offer for a sales manager in North America. What are they telling the competition? Think of the recruiting process in your organization and how long it can take to staff a position. Is that enough time for the competition to adjust to the arrival of this new sales manager?
Your competitors find or infer from your job postings the technologies your organization uses, expansion into new areas and territories, market growth, change in structure, structural growth, etc.
What does this mean for fraud examiners? Make sure you run proper background checks on potential hires! Why? Because some job descriptions are so detailed that someone wishing to be hired for fraudulent purposes can customize his or her résumé. I just worked a case in which a candidate found a company he believed would be a good target and redesigned his résumé to boost his employment chances. The company hired him, and he then proceeded to steal intellectual property during his employment.
WEB 2.0 AND SOCIAL NETWORKS
Employees are likely to reveal valuable information to the competition on professional or personal networking sites. Fraudsters can make conclusions about a company's expansion by studying comments about new connections and relationships plus repeated trips to a city or country.
Through investigations, I have found nurses sharing concerns about care in neo-natal intensive care units, law enforcement personnel sharing sensitive assignments and sales managers claiming their stakes on new territories. Professional social networking sites tell the world about new hires and those who are leaving employers.
Employees posting information online is nothing new. In one case I worked nearly 12 years ago, a call-center employee leaked sensitive information on a web forum. This employee, who was privy to upcoming promotions offered by a telecommunication provider, would repost information online prior to a promotion launch. The company's call center then would be flooded with requests for promotions and packages that did not exist yet.
Did this employee access highly sensitive documents? Did he gain access to someone's email account? No. He simply reposted information he learned in training sessions. We had a difficult time tracking him down because back then we did not log everything. Even today, we find organizations that do not store online access information, which would allow them to adequately investigate leaks.
MARKETING DOCUMENTATION
Documents that an organization provides its clients to market its services often end up in competitors' hands. Find ways to securely communicate information that you do not want the competition obtaining.
I was involved in a recent case in which a competitor was able to reverse-engineer a product (take it apart and analyze it) by simply using the information in product brochures and documentation. Imagine your competition not only knowing your products but how you are manufacturing them. That is a serious loss of competitive advantage!
I have also been involved in cases in which individuals used marketing information to create fake companies to try to defraud possible clients. The schemes were simple: reuse information to make the companies look legitimate, solicit clients, get paid and then never deliver anything.
AS AN EXPERT WITNESS
Whatever you write, post and/or communicate may allow you to build eminence as an expert. However, opposing counsel could also use that public information to try to disqualify you as an expert or to cross-examine you in court.
AS AN INVESTIGATOR
Open-source intelligence can help you discover valuable information about players in an investigation. In one case, I found some undocumented aliens involved in a fraud scheme because they gave some prime evidence via their social media profiles, including their geographic locations. In another example, we tracked down vehicles purchased with embezzled funds simply based on suspects' photos that had been posted online.
When I begin a background investigation into a company, one of the first things I do is seek information through press releases and trade publications. Companies love to tell the world about what they are doing right. However, the competition will always seek out this valuable market intelligence.
If you want to know more about leveraging business intelligence techniques in your fraud examinations, I strongly encourage you to check out anything fellow ACFE faculty member Cynthia Hetherington teaches.
WHAT TO DO
So do you cut yourself off from the world and go off grid? Absolutely not. But make sure your organization's policies strictly control information that its employees can release through all open-source channels but especially online. When it comes to social media, establish a "think before you post" mentality.
Jean-François Legault is a senior manager with Deloitte's Forensic & Dispute Services practice in Montreal. Canada.
Sidebar:
Use These Queries to Examine Your Online Exposure
Google search directives will add power to your searches.
Searching for a specific phrase using quotations:
- "find this specific phrase"
Searching a specific domain or website:
- site:targetdomain.com or
- site:www.targetdomain.com
Searching for specific file type:
- filetype:extension
You can use the minus sign (-) as an exclusion operator. For example, you can use this search directive to exclude a specific website from your search:
- -site:www.excludeddomain.com
Here are some Google searches that you can run against yourself to see what could be available to fraudster.
Finding PowerPoint documents on your site:
- site:www.yoursite.com filetype:ppt
- site:www.yoursite.com filetype:pptx
Finding Word documents on your site:
- site:www.yoursite.com filetype:doc
- site:www.yoursite.com filetype:docx
Finding confidential documents on your site:
- site:www.yoursite.com confidential
- site:www.yoursite.com "not for distribution"
The Association of Certified Fraud Examiners assumes sole copyright of any article published on www.Fraud-Magazine.com or ACFE.com. Permission of the publisher is required before an article can be copied or reproduced.
Begin Your Free 30-Day Trial
Unlock full access to Fraud Magazine and explore in-depth articles on the latest trends in fraud prevention and detection.
Poor bank account management yields fraud
Read Time: 7 mins
Written By:
Damien Chaminade, CFE
Fraud in the News
2 minutes
Written By:
Randi Zimmer, CFE
Theranos
Read Time: 7 mins
Written By:
Steve C. Morang, CFE
Poor bank account management yields fraud
Read Time: 7 mins
Written By:
Damien Chaminade, CFE
Fraud in the News
2 minutes
Written By:
Randi Zimmer, CFE