Other Fraud Schemes Flashcards

1
Q

DISPARATE PRICE SCHEME

A

Providers charge some patients a lower rate than the government

2
Q

DOUBLE PLEDGING COLLATERAL SCHEME

A

Borrowers pledge the same collateral with different lenders BEFORE liens recorded and WITHOUT telling the lenders

3
Q

Which businesses (small or large) are at greater risk of identity theft?

A

Smaller because they have lines of credit, capital, etc. desired by fraudsters and lack resources/tech to defend against identity theft

4
Q

What is LOGICAL ACCESS?

A

users allowed to use computer systems and networks

5
Q

What are LOGICAL ACCESS CONTROLS?

A

users identified and granted privileges to information, systems or resources. these controls are designed to protect confidentiality, integrity and availability of informational resources.

6
Q

What are the types of reimbursements for providers?

A

(1) FEE FOR SERVICE; provider receives payment for each service rendered. CON: creates incentive to increase compensation by performing excess and unnecessary services. PRO: provides wide discretion in selecting services
(2) CAPITATION; provider receives one lump sum for each patient treated, regardless of amount of services. CON: focuses on quantity vs quality. PRO: avoids incentive to perform unnecessary services
(3) EPISODE OF CARE; provider receives one lump sum for all services related to a condition or disease (not per patient). PRO: more fair as it compensates more
(4) SALARY

7
Q

What is TECHNICAL SECURITY?

A

use of safeguards incorporated in computer hardware, operations or applications software/related devices

8
Q

What is ADMINISTRATIVE SECURITY?

A

use of tools to provide an acceptable level of protection for computing resources

9
Q

COMMON TECHNICAL AND ADMINISTRATIVE CONTROLS?

A
  • logical access controls
  • network security
  • operating systems security
  • encryption
  • application security
  • separation of duties
10
Q

What are BUFFER OVERFLOWS AND PRIVILEGE ESCALATION?

A

methods of exploiting design flaws in computer systems to obtain unauthorized access

11
Q

What is the PAST POSTING scheme?

A

a person is involved in an automobile accident but is not insured. They then get insurance, wait, and report the vehicle as having been damaged.

12
Q

EFT SCHEME

A

electronic funds transfer scheme by misappropriating customer’s account and password information.

13
Q

SCAVENGING

A

collecting information left around computer systems

14
Q

DUMPSTER DIVING

A

obtaining sensitive information by looking through someone else’s trash

15
Q

SHOULDER SURFING

A

observing an unsuspecting target from a nearby location while the target enters username/password etc.

16
Q

SPOOFING

A

individual impersonates legitimate user to obtain access to target’s network

17
Q

How can a manual file system be attacked?

A
  • pilfer trash
  • act as cleaning crew member
  • commit theft or burglary
18
Q

How to protect manual file systems?

A
  • shredding sensitive documents
  • sending/receiving mail at secure site
  • employing perimeter security system
  • place sensitive docs in high-grade locked filing cabinets
19
Q

ILLEGAL PYRAMID SCHEME

A

promoted by encouraging victim investors to recruit new members. The more members recruited, the higher the investor is purported to rise and the more they make

20
Q

An effective system for safeguarding sensitive and proprietary information should include

A
  • task force
  • security risk assessments
  • awareness training
  • NDA
  • data minimization
21
Q

ROCK PHISHING

A

use botnets to send massive amounts of phishing emails to huge volumes of users.

emails contain message from financial institutions enticing users to click on fraudulent url

22
Q

SMiSHING

A

hybrid of phishing and short message service (SMS). The attacker uses text messages to dupe an individual or business into providing sensitive data

23
Q

WHAT IS SOCIAL ENGINEERING

A

act of using deceptive techniques to manipulate people into taking certain actions or disclosing information.

24
Q

WHAT TECHNIQUES DO SOCIAL ENGINEERS USE TO OBTAIN INFORMATION

A

various forms of:

  • trickery
  • persuasion
  • threats
  • cajolery
25
Q

Why does one engage in social engineering?

A
  • to gain unauthorized access to systems
  • obtain confidential communication so they can commit fraud, intrude into networks, gain access to buildings, steal another party’s secrets, commit identity theft, or engage in some other nefarious act.
  • procure information that will give them a competitive advantage
  • to find ways in which they can install malware.
26
Q

What is a COMPUTER WORM?

A

malicious self-replicating computer program that penetrates operating systems to spread malicious code to other computers.

27
Q

What is the TAKE-THE-MONEY-AND-RUN SCHEME?

A

variation of an advance-fee scheme that occurs when a fraudster creates a fake vacation rental listing or website

fraudster usually asks the victim to wire funds for the first and last night’s stay or even requires the victim to pay in full. After receiving the funds and passing off fake information about the short-term rental to the victim, the fraudster disappears and is no longer reachable

28
Q

What are the safeguards to reduce unauthorized EFT?

A
  • Confirm phone and mailing addresses on the application against info available from other sources
  • area or city code in the applicant’s telephone number matches the geographical area
  • Send a “welcome” letter to the address on the application with the bank’s return address
  • Always mail PINs separately from other information
29
Q

What steps can businesses take to protect personal information and prevent identity theft?

A
  • Limit the personal information collected from customers.
  • Restrict employees’ access to the information
  • Use network-security tools to monitor who accesses personal information.
  • Do not retain personal information for longer than necessary.
  • Create a data breach response plan.
30
Q

Why would an identity thief target a business rather than a person?

A
  • potential rewards are greater (larger bank balances)
  • businesses are less likely to notice new or unusual financial transactions
  • information necessary to commit business identity theft (e.g., business or tax identification numbers) is often publicly available online
31
Q

What are/is COIN MINERS / CRYPTOJACKING MALWARE?

A

type of MALWARE

programs that, upon infecting a computer, use that computer’s processing power to mine for cryptocurrencies without owner’s knowledge or consent

USED to generate illicit income in the form of cryptocurrency

causes victims to incur costs related to power usage or cloud storage

32
Q

What is BUSINESS EMAIL COMPROMISE (BEC)?

A

form of spear phishing attack that directly targets executives or other high-ranking corporate employees who have the ability to make large payments.

involves fraudulent emails that appear to be from the company’s own CEO or from the head of a foreign supplier, instructing an employee to perform a time-sensitive wire transfer to ensure that the supply chain is not disturbed

more often now, these emails are paired with an insistent phone call from someone posing as the email sender or as the sender’s attorney

33
Q

What are the 5 common BEC SCHEMES?

A

(1) BUSINESS WORKING WITH FOREIGN SUPPLIER: posing as a company’s foreign supplier and sending an email to the company requesting funds be transferred to an alternate account controlled by the fraudsters.
(2) BUSINESS EXECUTIVE REQUESTING WIRE TRANSFER: using compromised email account of a high-level executive to pose as the executive and ask an employee to transfer funds
(3) VENDORS RECEIVING FRAUDULENT REQUESTS FOR PAYMENT: using an employee’s compromised email account to identify company’s vendors and ask them to transfer funds
(4) ATTORNEY IMPERSONATION: posing as the company’s attorney and contacting an employee to request transfer of funds
(5) DATA THEFT: using compromised email account of executive to request employees’ tax information or other PII from the person responsible for maintaining such information (e.g., human resources personnel)

34
Q

What are REAL ESTATE FRAUD schemes?

A

Real estate transactions assume a willing buyer and seller

Fraud can occur when the transaction breaks down or the expert assistance is not at arm’s length

Many real estate fraud schemes have a false appraisal report as a condition precedent.

Easily recognizable, as there is always an element of time pressure: victims are convinced it is a once-in-a-lifetime deal or now or never

35
Q

TYPES OF MEDICAL PROVIDER FRAUD

A

(1) FICTITIOUS SERVICES SCHEME: legitimate health care providers charge or bill a health care program for services not rendered
(2) FICTITIOUS PROVIDER SCHEME: Occurs in two ways

1- fraudulently obtain and use another provider’s identification information and steal or purchase lists of patient information.

2 - perpetrator submits bills using the fictitious provider’s information to the insurance provider or government health care program for medical services, although no services are performed.

(3) CLINICAL LAB SCHEMES - provider advises a patient that additional medical testing is needed to diagnose a problem when it is not

36
Q

how is the bidding process manipulated?

A
  • opening bids prematurely
  • Altering bids
  • Extending bid opening dates without justification
37
Q

What is VISHING?

A

aka voice phishing

  • act of leveraging Voice over Internet Protocol (VoIP) falsely claiming to be a legitimate enterprise in an attempt to scam users into disclosing personal information
  • generally transmitted as an incoming recorded telephone message that uses a spoofed (fraudulent) caller ID matching the identity of a misrepresented organization
  • criminals capture the key tones and convert them back to numerical format
38
Q

what is UPCODING?

A

occurs when a provider bills for a higher level of service than actually rendered

One common form of upcoding involves generic substitution—filling a prescription with a less expensive drug, while billing for the more expensive form of the drug.

39
Q

What are SMART CARDS?

A

Plastic card, the size of a credit card, embedded with a microchip

CANNOT be easily replicated or counterfeited

include a wide variety of hardware and software features capable of detecting and reacting to tampering attempts

not immune to attacks

40
Q

What are the FOUR MAIN ATTACKS on SMART CARDS?

A

(1) physical
(2) side-channel
(3) software
(4) environmental

41
Q

What are draw requests?

A

documentation substantiating that a developer has incurred the appropriate construction expenses and is now seeking reimbursement or direct payment

request should be accompanied by the following documents:

  • Paid invoices for raw materials
  • Lien releases from each subcontractor
  • Inspection reports
  • Canceled checks from previous draw requests
  • Bank reconciliation for construction draw account for previous month
  • Loan balancing form demonstrating that the loan remains in balance
  • Change orders, if applicable
  • Wiring instructions, if applicable
  • Proof of developer contribution, if applicable
42
Q

what is a NONCONFORMING GOODS/SERVICES FRAUD?

A
  • aka product substitution or failure to meet contract specifications
  • attempts by contractors to deliver goods or services to the procuring entity that do not conform to the underlying contract specifications

potential red flags for nonconforming schemes:

  • High percentage of returns
  • missing compliance certificates
  • evidence of falsified test inspection
43
Q

what is TECHNICAL SURVEILLANCE?

A

practice of covertly acquiring audio, visual, or other types of data from targets through the use of technical devices, procedures, and techniques

usually to gather nondocumentary evidence or information that cannot be found through open sources

44
Q

What are the (4) WORKERS’ COMPENSATION SCHEMES?

A

(1) PREMIUM FRAUD: misrepresentation of information to the insurer by employers to lower the cost of premiums
(2) AGENT FRAUD: pilfering premiums and conspiring to reduce premiums.
(3) CLAIMANT FRAUD: misrepresenting the circumstances of any injury or fabricating that an injury occurred
(4) ORGANIZED FRAUD: composed of the united efforts of a lawyer, a capper, a doctor, and the claimant.

45
Q

What are the options of authenticating users in information systems?

A

Passwords
Card-based systems
Biometrics
Profiling software

46
Q

What are CONSUMER FRAUD schemes?

A

involve a range of fraudulent conduct, usually committed by professional scammers, against unsuspecting victims

schemes include advance-fee swindles, debt consolidation schemes, and diploma mills.

47
Q

what is a BAITING SCHEME?

A

fraudsters leave malware-infected USB flash drives, CD-ROMs, or similar items in places where people will find them, such as parking lots

items often have a label designed to elicit curiosity or greed in the victims (e.g., “FREE PRIZE”).

When the item is inserted into the victim’s computer, the computer or network is infected, giving the identity thief access to information

48
Q

What are the consumer fraud schemes that target the elderly?

A

(1) Homeownership schemes: fraudster recommends a friend who can perform needed home repairs at a reasonable price. This friend might require the homeowner to sign a document upon completion, confirming repairs were made. In some cases, the elderly victims later learn they signed the title of their house over to the repairperson. In other cases, the elderly victim is overcharged
(2) Sweepstake and prize schemes: Fraudsters inform elderly individuals they won a prize but must pay a fee to receive it, and continuously repeat this ask until the victim’s savings are depleted
(3) Work-at-home schemes: business opportunities targeting elderly individuals who need extra income to supplement their retirement benefits, including assembly crafts, chain letters, coupons, envelope stuffing, medical billings, and report writing.

49
Q

what are the (3) types of IDENTITY THEFTS?

A

(1) FINANCIAL IDENTITY THEFT - MOST COMMON IDENTITY THEFT. occurs when a fraudster uses an individual’s personal information for fraudulent financial transactions. Examples: account takeover, true name fraud
(2) BUSINESS IDENTITY THEFT: occurs when a fraudster impersonates a business to commit financial fraud
(3) CRIMINAL IDENTITY THEFT: occurs when fraudsters falsely identify themselves as other people to law enforcement while being arrested or investigated for a crime

50
Q

What are the key phases of procurement processes that employ bidding mechanisms?

A

The presolicitation phase
The solicitation phase
The bid evaluation and award phase
The post-award and administration phase

51
Q

What is CRIMEWARE?

A

NOT a TYPE of malware but rather a CLASSIFICATION of malware denoted by its intent to facilitate criminal behavior

52
Q

What are the two methods of detection of EMBEZZLEMENT?

A

(1) REVIEW OF SOURCE DOCUMENTS - used when $ amount is small enough that statements are not materially affected
- most effectively detected through review of source documents (receipts, deposit slips).
- common red flags: missing source documents, payee identification matches employee or relative information, alteration, photocopies only

(2) FINANCIAL STATEMENT ANALYSIS - when financial statements materially affected

53
Q

What is DEFECTIVE PRICING?

A

Contractors intentionally use inaccurate cost or pricing data to inflate costs in negotiated contracts

A contractor can inflate labor costs by:

  • Using outdated cost schedules
  • Using lower-wage personnel to perform work at higher rates
  • Using salaried personnel to perform uncompensated overtime
  • Failing to account for learning-curve cost reductions
  • Subcontracting to affiliated companies at inflated rates
54
Q

What is NEW ACCOUNT FRAUD?

A

fraud that occurs on an account within the first 90 days that it is open

more common red flags of potential new account schemes are:

  • Customer residence outside the bank’s trade area
  • requesting immediate cash withdrawal upon deposit
  • Missing or inaccurate customer application information
  • Use of a mail drop address
55
Q

What is COMPLEMENTARY BIDDING?

A

(also known as protective, shadow, or cover bidding)

common form of collusion between competitors, and it occurs when competitors submit token bids that are not serious attempts to win the contract.

influences the contract price and who is awarded the contract.

56
Q

what is a SCAVENGER scheme?

A

scavenger or revenge scheme involves the company that initially conned the consumer.

Using a different company’s name, they contact the consumer again and ask if he would like to help put the unethical company out of business and get his money back.

Naturally, an upfront fee is required to finance the investigation.

57
Q

what is a Trojan horse?

A

a program or command procedure that gives the appearance that it is useful but in fact contains hidden malicious code that causes damage

58
Q

What is UNBUNDLING?

A

health care procedures often have special reimbursement rates for a group of procedures typically performed together. so some providers attempt to increase profits by billing separately for procedures that are actually part of a single procedure

aka coding fragmentation

59
Q

What are information security goals that an e-commerce system should endeavor to meet for its users and asset holders?

A
  • Non-Repudiation (Most important - method used to guarantee that the parties involved in an e-commerce transaction cannot repudiate (deny) participation in that transaction. Non-repudiation is obtained through the use of digital signatures, confirmation services, and timestamps)
  • Confidentiality of data
  • Integrity of data
  • Availability of data
  • Authentication
60
Q

What is DRG?

A

Diagnostic-related groupings (DRG) is a reimbursement methodology for the payment of institutional services

DRG creep occurs when medical staff members manipulate diagnostic and procedural codes to increase reimbursement amounts or other forms of funding

61
Q

what is HUMAN INTELLIGENCE?

A

Gathering data through direct contact with people

example

  • posing as customer of victim company
  • employment interviews
  • planting agent in target organization
  • social engineering
62
Q

What are FRAUDULENT SALE SCAMS?

A

involves the fraudulent acquisition of real estate by filing a fraudulent deed or respective real estate document that makes it appear that the property legally belongs to the criminal.

The true owner’s signature is forged on the documents, and the scammer files them in the jurisdiction’s real property records.

Once the ownership documents are filed, he applies for and executes a loan on the property (using a straw borrower).

63
Q

What is the internet of things (IOT)?

A

merging environment of everyday objects that use embedded sensors to collect and transmit data through the Internet.

Examples: wearable fitness devices, home-automation products, and smart parking systems.

64
Q

What groups are the favourite targets of identity thieves?

A
Children
Seniors
Members of the military
College students
The deceased
65
Q

What is AFFINITY FRAUD?

A

targets groups of individuals who have some social connection such as

  • Neighborhoods chiefly populated by racial minorities, especially immigrant groups
  • the elderly
66
Q

What is a RENT-A-PATIENT scheme?

A

involve paying individuals to undergo unnecessary medical procedures that are then billed to the patient’s insurer or health care program

67
Q

what is a DAISY CHAIN?

A

a bank buys, sells, and swaps its bad loans for the bad loans of another bank, creating new documentation in the process.

Its purpose is to mask or hide bad loans by making them look like they are recent and good.

68
Q

What is DATA MANIPULATION and DATA DESTRUCTION?

A

Data manipulation - use or manipulation of a computer to perpetrate a crime

data destruction involves the unauthorized modification, suppression, or erasure of computer data or computer functions, with the intent to alter or hinder the normal functions of the targeted system

Data manipulation and destruction involves either direct or covert unauthorized access to a computer system by the introduction of malicious software such as viruses, worms, or logic bombs.

69
Q

What methods are used to destroy and manipulate data?

A
  • Using malware to infect computers
  • Wire tapping into a computer’s communication links
  • Transmitting data to an outside destination without authorization
70
Q

What is PHYSICAL INFILTRATION?

A

The process whereby an individual enters a target organization to spy on the organization’s employees

71
Q

What are FIREWALLS?

A

A system that blocks unauthorized or unverified access to network assets by surveying incoming and outgoing transmissions

72
Q

What are BID TAILORING SCHEMES?

A
  • AKA specifications schemes
  • occur during the presolicitation phase
  • an employee with procurement responsibilities, often in collusion with a contractor, drafts bid specifications in a way that gives an unfair advantage to a certain contractor
73
Q

What methods are used to commit bid tailoring schemes?

A

(1) drafting NARROW specification - a corrupt employee tailors the bid specifications to accommodate a vendor’s capabilities and to eliminate other competitors
(2) drafting BROAD specifications- a corrupt employee of the buyer designs unduly broad qualification standards to qualify an otherwise unqualified contractor
(3) Drafting VAGUE specifications: - the buyer’s personnel and the contractor collude to write vague specifications or intentionally omit bid specifications. This enables subsequent contract amendments, allowing the contractor to raise the contract’s price

74
Q

What is BID ROTATION?

A
  • a form of collusion among contractors
  • occurs when two or more contractors conspire to alternate the business among themselves on a rotating basis

75
Q

What is an ADVANCE FEE SWINDLE?

A
  • structured to obtain an illegal gain by falsely promising the delivery of a product or service
  • In some schemes, the product is marketed to a large number of customers, and then the operation is shut down prior to the delivery stage.
76
Q

What is an INTRUSION DETECTION SYSTEM (IDS)?

A

a device or software application that monitors an organization’s inbound and outbound network activity and identifies any suspicious patterns of activity that might indicate a network or system attack or security policy violations

  • supplement firewalls
77
Q

What is an AIR LOAN?

A
  • loan for a nonexistent property—with air symbolizing the loan’s fraudulent absence of collateral.
  • Most or all of the documentation is fabricated, including the borrower, the property ownership documents, and the appraisal
78
Q

What is property flopping?

A
  • variation on property flipping, but it generally involves a property subject to a short sale
  • involves a rapid transfer of property with an unjustified, significant change in value
  • but instead of inflating the value on the second transaction, the value on the first transaction is deflated
79
Q

What is SYNTHETIC IDENTITY THEFT?

A

involves the use of entirely fabricated personal information or a combination of real and fabricated information to create a new identity

80
Q

What is TRADITIONAL IDENTITY THEFT?

A

a fraudster steals an individual’s personal information and pretends to be that individual (account takeover, true name fraud).

81
Q

What are the different types of INSURANCE AGENT/BROKER FRAUD?

A

(1) PREMIUM THEFT- An agent collects the premium but does not remit the payment to the insurance company
(2) FICTITIOUS PAYEES - agent or a clerk changes the beneficiary on record to a fictitious person and subsequently submits the necessary papers to authorize the issuance of a payment
(3) FICTITIOUS DEATH CLAIMS - agent or employee obtains a fictitious death certificate and requests that a death claim payment be issued. The agent then steals the payment

82
Q

What measures can help avoid infection from a malicious program?

A

Use anti-malware software

Regularly update virus definitions in anti-malware programs.

Use precaution when opening emails from acquaintances.

Do not open email attachments unless they are from trusted sources.

Only download files from reputable sources.

Regularly update the operating system.

Regularly update the computer with the latest security patches available

Ensure that there is a clean boot disk to facilitate testing with antivirus software.

Use a firewall and keep it turned on.

Consider testing all computer software on an isolated system before loading it.

Keep backup copies of production data files and computer software in a secure location.

83
Q

What are the concerns with EDI?

A

There is a lack of tools to detect EDI fraud.

The variety of health care services increases the potential for dissimilar frauds.

The efficiency of EDI allows for more vendors and thus more claims to account for.

The swiftness in which transactions take place allows less time to uncover fraud.

84
Q

What is Pharming?

A

an attack in which a user is fooled into entering sensitive data (such as a password or credit card number) into a malicious website that imitates a legitimate website.

It is different from phishing in that the attacker in a pharming scheme does not have to rely on having the user click on a link in an email or other message to direct him to the imitation website.

85
Q

What is a sham loan scheme?

A

Loan officers will sometimes make loans to accomplices who then share all or part of the proceeds with the lending officer.

In some instances, the loans are charged off as bad debts; in other instances, the fake loans are paid off with the proceeds of new fraudulent loans.

86
Q

What is ditching?

A

Ditching, also known as owner give-ups, involves getting rid of a vehicle to collect on an insurance policy or to settle an outstanding loan.

87
Q

What are some red flags of insurance claim fraud?

A

Red flags of insurance claim fraud include the following:

The claim is made a short time after the policy’s inception or after a coverage increase or change.

The insured has a history of many insurance claims.

The insured previously asked the insurance agent hypothetical questions about coverage in the event of a loss similar to the actual claim.

In a theft or fire loss claim, the claim includes a lot of recently purchased, expensive property, but the insured cannot provide receipts, owner’s manuals, or other proof-of-purchase documentation.

In a fire loss claim, the claim does not include personal or sentimental items, such as photographs or family heirlooms, that would usually be listed among the lost property.

The insured has discarded the claimed damaged property before the adjuster can examine it.

88
Q

What are debt consolidation schemes?

A

involve the agency collecting the money from the debtor but not forwarding it to the creditors.

89
Q

What are Factoring companies?

A

Telemarketing operations commonly engage factoring companies.

These groups buy credit card receipts from telemarketing operations at a discount, and then use their merchant bank accounts to convert the receipts into cash.

Factoring is illegal in some jurisdictions

Factoring through Asian and European merchants is becoming increasingly common - tend to charge a lower price for their services

90
Q

What is credit card skimming?

A

credit card skimming scheme requires a device, often referred to as a skimmer or a wedge, that scans and stores a large amount of credit card numbers.

91
Q

What are fraudulent second liens?

A

a person assumes a homeowner’s identity and takes out an additional loan or a second mortgage in the homeowner’s name.

If there is not enough equity in the home to warrant a second loan, an inflated appraisal is obtained.

This scheme often involves a high level of collusion between a loan officer, an appraiser, and a title agent (or other real estate document service provider).

92
Q

What is required for a safeguarding proprietary information (SPI) program?

A

management should establish a task force and charge it with developing the program.

The task force should include managers and staff from departments that deal with proprietary information, such as research and development and production.

The task force should also include representatives from the following departments: corporate security, human resources, records management, data processing, and legal.

Once the task force is assembled, it must identify the information that is to be protected.

93
Q

What is sliding?

A

including additional coverage in an insurance policy without the insured’s knowledge.

The extra charges are hidden in the total premium.

Since the insured is unaware of the coverage, few claims are ever filed. For example, motor club memberships, accidental death, and travel accident coverage can usually be added to the policy without the insured’s knowledge.

94
Q

What are common carriers of malware?

A

Some of the more common carriers of malware include:

Unknown or unchecked application software
Infected websites
Banner ads
Software or media that employees bring to work
Files downloaded from the Internet
Infected software from vendors and suppliers
Uncontrolled and shared program applications
Demonstration software
Freeware and shareware files
Email attachments

95
Q

How can you uncover Ponzi schemes?

A

(1) Sounds too good to be true
(2) Promises of low risk or high rewards
(3) History of consistent returns
(4) High-pressure sales tactics
(5) Pressure to reinvest
(6) Complex trading strategies
(7) Lack of transparency or access
(8) Lack of segregation of duties

96
Q

Excessive write-offs are a form of concealment for which fraud schemes?

A

phantom loans
conflicts of interest, and
embezzlement.

97
Q

What are indemnity bonds and the three other types of insurance?

A

bond that reimburses its holder for any loss to third-party beneficiaries when the insured fails to fulfill a specific undertaking for the third party’s benefit.

(1) Casualty insurance indemnifies against legal liability to others for injury or damage to persons, property, or other defined legal interests because of specified risks or conduct.
(2) Fidelity insurance indemnifies against economic loss to the insured because of employee dishonesty.
(3) Disability insurance indemnifies against income loss under defined circumstances.

98
Q

What is property flipping?

A

an investor purchases a home and then resells it at a higher price shortly thereafter.

Property flipping is not intrinsically illegal or fraudulent, but it becomes so when a property is purchased and resold within a short period of time at an artificially or unjustly inflated value, often as the result of a fraudulent appraisal.

In a flipping scheme, the property is sold twice in rapid succession at a significant increase in value

99
Q

How can you detect malware? What are the symptoms?

A

The system suddenly, and for no apparent reason, slows down its response time to commands.

The computer stops responding or locks up frequently.

The computer crashes and then restarts every few minutes.

The computer restarts on its own.

The computer does not run as usual.

The computer experiences a sudden and sometimes dramatic decrease of free space.

The size of some files increases.

Files cannot be accessed or are suddenly erased with no warning.

There are unexplained and repeated maintenance repairs.

The user is unable to stop the excessive pop-up windows that appear without cause.

100
Q

What is reusable medical equipment and what fraud scheme can be perpetrated?

A

Reusable medical equipment includes items such as crutches, wheelchairs, and specialized patient beds.

Fraud schemes perpetrated by reusable medical equipment suppliers frequently involve:

Falsified prescriptions for equipment or supplies

Intentionally providing excessive supplies

Equipment not delivered or billed before delivery

Billing for equipment rental beyond when the equipment was checked out

Billing for supplies not covered by the insurance policy or health care program

Scooter scams (i.e., billing for electric-powered wheelchairs that are either unnecessary or are of poorer quality than the model billed for)

101
Q

What is ransomware?

A

a form of malware

locks a user’s operating system and restricts access to data files until a ransom is paid.

These schemes typically promise that, after payment is received, the user will be provided with a key to release the system and unencrypt files; however, even after money is transferred, many victims find that the virus remains installed on their machine and a key is never provided.

102
Q

What is a non-performing loan?

A

A nonperforming loan is a loan that is in default or close to being in default.

Fraud schemes resulting in a nonperforming loan include:

Fraudulent appraisals—The cash flow cannot support an inflated loan and resulting debt amount.

False statements—The loan was made on false or fraudulently presented assumptions.

Equity skimming—The borrower never intended to make the underlying loan payments.

Construction over-budget items—The amount over budget might be a concealment method for other schemes such as embezzlement, misappropriation, or false statements.

Bribery—The loan was made because the lender received a bribe or a kickback from the borrower.

Land flips—The purpose of the loan was to finance the seller out of a property that has an artificially inflated value.

Disguised transactions—The loans are sham transactions without substance, made to conceal other ills.

103
Q

What are rent-a-patient schemes?

A

rent-a-patient schemes involve paying individuals to undergo unnecessary medical procedures

they are then billed to the patient’s insurer or health care program.

104
Q

What is the pre-solicitation phase?

A

where the procuring entity identifies its needs, develops bid specifications (measurements, characteristics, etc.) and determines the method to use in acquiring the goods

types of fraud that can occur in this stage:

need recognition
bid tailoring
bid splitting
unjustified method of procurement
change order abuse

105
Q

What is the solicitation phase?

A

involves bid solicitation, preparation and submission.

once solicitation document has been issued, bidders prepare and submit bids

types of fraud:

bid manipulation

leaking bid data

collusion among contractors

defective pricing schemes (inflating labor costs/material costs)

106
Q

What is the bid evaluation and award phase?

A

procuring employees evaluate the bids/proposals, conduct negotiations and give bidders a chance to revise proposals.

winning bid or proposal selected

fraud schemes:

bid manipulation
leaking bid data

107
Q

What is the post-award and administration phase?

A

contracting parties fulfill their respective duties through the performance of their contractual obligations

activities occurring: modifications (i.e. change orders), review of completed portions, etc.

fraud schemes:

nonconforming goods/services

change order abuse

cost mischarging

108
Q

What is bid suppression?

A

two or more contractors enter into an illegal agreement

one of the bidders refrains from bidding or withdraws their previously submitted bid

goal is to ensure a particular competitor’s bid is accepted.

109
Q

What is the need recognition scheme?

A

procurement employees convince their employer that it needs excessive or unnecessary products/services.

usually receive a bribe or kickback for convincing

110
Q

What are bid tailoring schemes?

A

drafting bid specifications in a way that gives an unfair advantage to a certain contractor

usually in collusion with a contractor

can be done in three ways:

1 - drafting narrow specifications (i.e. certain percentage of males)

2 - drafting broad specifications (to qualify an unqualified contractor)

3 - drafting vague specifications (omit bid specifications)

111
Q

What is nonconforming goods or services?

A

deliver goods or services to the procuring entity that do not conform to the underlying contract specifications.

112
Q

What is change order abuse?

A
submitting a low bid to ensure a win and then increasing the price with subsequent change orders