Matt Zbrog
Fraud is big and getting bigger. Generally speaking, fraud is defined as actions that deceive for financial or personal gain—a category broad enough to include everything from lying about one’s age to masterminding a billion-dollar pyramid scheme.
In the business world, fraud is typically measured by its impact on the balance sheet: a 2022 report by the Association of Certified Fraud Examiners (ACFE) estimated that the typical organization loses 5 percent of its revenue annually to fraud. That 5 percent can have serious effects, leading to layoffs, burned investors, and tarnished reputations. Fraud examiners are fighting back.
The biggest tool against fraud is awareness: organizations that provide fraud training see a 38 percent reduction in the median loss per instance of fraud. But those who fight fraud are, by default, in a reactive role, which can put them at a disadvantage. And while the basic fraud schemes haven’t changed much over the years (nor have the motives for committing them), the technologies enabling them have changed dramatically; fraud examiners and forensic professionals need to be constantly learning to keep up to date.
This year’s International Fraud Awareness Week takes place November 13-19, 2022. Hosted by the ACFE, it’s a time to promote anti-fraud awareness and education, and bolster the global effort to minimize the impact of fraud.
Read on to learn about the state of fraud examination today and where it’s all headed.
Mason Wilder, CFE, is a research manager for the Association of Certified Fraud Examiners (ACFE). In this role, he manages the creation and updates of ACFE materials for continuing professional education, works on research initiatives such as the Report to the Nations and benchmarking reports, conducts trainings, writes for all ACFE publications, and responds to member and media requests.
“This is a field that’s always changing,” says Mason Wilder, CFE. “You have to be constantly learning in order to be an effective anti-fraud professional.”
One of the fundamental trends over the last few years is fraud getting more high-tech. Fraudsters are using new technology to adapt old schemes to new contexts, while anti-fraud professionals are using it to fight back.
Most of this tech isn’t a gadget, though: it’s data. For decades, fraudsters have sold people’s personal information on the dark web, but this illicit fraud economy has grown to include full-on tutorials, plug-and-play tools, and fraud-for-hire services. Fraud has become more accessible than ever.
“The pace of the evolution of fraud risks is not going to slow down any time soon,” Wilder says.
Another fundamental trend is the side effects of the Covid-19 pandemic. The pandemic has provided an opportunity for fraudsters to repackage old schemes in a new context, and at the same time, created challenges for anti-fraud professionals trying to do their jobs effectively from remote settings.
The former is nothing new: fraud often boils down to one of a handful of schemes that are hundreds of years old, just dressed up for new contexts and adapted to new technologies. But the latter is an acceleration of previous trends: as physical interaction becomes less common and interviews with suspects are conducted remotely, investigators rely less on confessions to make their case.
“Generally speaking, you’re not getting as much information virtually as you would in person,” Wilder says. “That limits the efficacy of investigative interviewing. But older theories on detecting deception through nonverbal behavior have also been called into question in recent years, along with inappropriate methodologies leading to coerced confessions. Today there’s more emphasis on doing a solid investigation and less of a focus on closing a case in the interview room.”
Perhaps the biggest paradigm shift in fraud investigations has been the rise of open-source intelligence (OSINT).
Generally speaking, OSINT is the collection and analysis of data from overt and publicly available sources to produce actionable intelligence. Consider it a summation of the other key trends in investigations: as more data streams become available, more information is shared, and more evidence is technically publicly available. In recent years, OSINT has increasingly become the go-to tool for anti-fraud professionals; Wilder teaches a two-day course in it for fraud examiners at the ACFE.
“When you get to that portion of an investigation where you’re trying to find any information freely available out there and make sense of it, it’s like putting together a jigsaw puzzle where you don’t have the picture on the box to work with,” Wilder says. “You’re just collecting all these pieces, these random pieces, one at a time. The more pieces you collect, the more you start to see how some fit together, and you get an idea of the bigger picture of things.”
The truth is out there, but it’s buried in a heap of data detritus: social media posts, emails, IP addresses, cookies, payment transactions, browser searches, DNS registrations, blockchain signatures, flight records, street view metadata, and website source codes all contribute to what is still an incomplete list. Each puzzle piece could just as easily be a red herring, too: anti-fraud professionals have to know where to look and how to verify what they find.
“The basics of OSINT are about identifying leads and guiding subsequent traditional investigation methods where you start getting court orders to get records or setting up interviews and understanding what documents to look for related to relevant individuals or entities,” Wilder says.
An investigator can go as deep into OSINT as their technical abilities and time budget allow. One could feasibly learn Python and set up bots to scrape web data, for example, but just as well recruit an expert to do the same. Practically every modern investigation includes some basic level of OSINT, if only to scan for red flags. Investigators can use OSINT to quickly and cheaply learn whether someone is paying their own property taxes, or check Google Street View to verify that the listed address of a business does indeed match the business described.
“If you aren’t incorporating some level of open-source intelligence into whatever kind of investigation you’re working on, then you’re really missing out,” Wilder says. “You’re potentially missing some crucial stuff that’s low risk and low cost to access. There’s no reason not to do some open-source intelligence in any and every investigation.”
It will vary based on one’s role and setting, but an expert anti-fraud professional will likely know the basics of OSINT: what public records are available and how to access them; how to filter and verify data; what investigative methods are legal (i.e., how to collect “private” data on social media sites); what DNS registrations and IP addresses are; how to find company ownership information; and some basic skills in how to use different search engines effectively.
“There’s been a lot more emphasis on effectively incorporating OSINT techniques into investigations,” Wilder says. “The potential applications of that are really only limited by your imagination because there’s just so much information available. Use your instincts and your investigative chops to put those pieces together and figure out what the big picture is.”
“The same kind of fraud is always going to be taking place,” Wilder says. “It’s fundamentally the same, but adapted to new contexts, new technologies, and new mediums.”
The Covid-19 pandemic created a gold rush of fraud, and it’s possible that monkeypox and other fast-spreading diseases could provide a similar disguise for traditional fraud vehicles like phishing; deep-fakes, too, could play a role. Wilder also sees fraud expanding into the metaverse as technology matures further, and points to cryptocurrency and NFTs as platforms with high fraud potential.
For those in the know, that future is now: in August of this year, the US government put a decentralized application, Tornado Cash, on its sanctions list. Tornado Cash’s primary function is to obscure the movement of blockchain transactions, which are otherwise transparent for the most part. While it is operated by no single individual and simply exists as a self-running code, the US Treasury Department estimates that Tornado Cash has facilitated the laundering of over $7 billion since its launch in 2019. For fraud investigators, not knowing the basics of cryptocurrency and how it relates to fraud is becoming increasingly inexcusable.
“Fraud examiners need to know about cryptocurrency because it’s not going away,” Wilder says. “There will be ups and downs in digital asset valuations, but it’s here to stay, and we are seeing it increasingly used in fraud schemes.”
Blockchain forensics has made huge advances in the last few years. Despite the majority of transactions being publicly available, tracking wallets and tracing them to specific entities is still a sophisticated science. Not every fraud investigator needs to be well-versed in blockchain forensics, but they do need to know enough to know when to refer to an expert.
And even the most basic understanding of how blockchains are used can be a benefit: it’s important to be able to recognize the name of a cryptocurrency exchange on a bank statement, at the very least. But as with OSINT, it can go as deep as an investigator is willing to go.
“The most important thing for fraud examiners to do is stay up to date and keep their awareness at a high level about emerging technologies,” Wilder says. “Be attuned to the shifts in commerce and business operations, and really try to think like a fraudster for how traditional fraud schemes might be applied to new contexts. If you like learning and have an intellectual curiosity, those characteristics lend themselves well to the anti-fraud profession.”
To learn more about how today’s anti-fraud professionals are fighting back against fraud, check out some of the resources below.
Matt Zbrog
Matt Zbrog is a writer and researcher from Southern California. Since 2018, he’s written extensively about the increasing digitization of investigations, the growing importance of forensic science, and emerging areas of investigative practice like open source intelligence (OSINT) and blockchain forensics. His writing and research are focused on learning from those who know the subject best, including leaders and subject matter specialists from the Association of Certified Fraud Examiners (ACFE) and the American Academy of Forensic Science (AAFS). As part of the Big Employers in Forensics series, Matt has conducted detailed interviews with forensic experts at the ATF, DEA, FBI, and NCIS.