Other Fraud Schemes Flashcards

Question

Why does one engage in social engineering?

Answer 1

- to gain unauthorized access to systems - obtain confidential communication so they can commit fraud, intrude into networks, gain access to buildings, steal another party’s secrets, commit identity theft, or engage in some other nefarious act. - procure information that will give them a competitive advantage - to find ways in which they can install malware.

Answer 2

malicious self-replicating computer program that penetrates operating systems to spread malicious code to other computers.

Answer 3

variation of an advance-fee scheme that occurs when a fraudster creates a fake vacation rental listing or website fraudster usually asks the victim to wire funds for the first and last night’s stay or even requires the victim to pay in full. After receiving the funds and passing off fake information about the short-term rental to the victim, the fraudster disappears and is no longer reachable

Answer 4

- Confirm phone and mailing addresses on the application against info available from other sources - area or city code in the applicant’s telephone number matches the geographical area - Send a “welcome” letter to the address on the application with the bank’s return address - Always mail PINs separately from other information

Answer 5

- Limit the personal information collected from customers. - Restrict employees’ access to the information - Use network-security tools to monitor who accesses personal information. - Do not retain personal information for longer than necessary. - Create a data breach response plan.

Answer 6

- potential rewards are greater (larger bank balances) - businesses are less likely to notice new or unusual financial transactions - information necessary to commit business identity theft (e.g., business or tax identification numbers) is often publicly available online

Answer 7

type of MALWARE programs that, upon infecting a computer, use that computer’s processing power to mine for cryptocurrencies without owner’s knowledge or consent USED to generate illicit income in the form of cyrptocurrency causes victims to incur costs related to power usage or cloud storage

Answer 8

form of spear phishing attack that directly targets executives or other high-ranking corporate employees who have the ability to make large payments. involve fraudulent emails that appear to be from the company’s own CEO or from the head of a foreign suppliers instructing mployee to perform a time-sensitive wire transfer to ensure that the supply chain is not disturbed more often now, these emails are paired with an insistent phone call from someone posing as the email sender or as the sender’s attorney

Answer 9

(1) BUISINESS WORKING WITH FOREIGN SUPPLIER: posing as a company’s foreign supplier and send an email to the company requesting funds be transferred to an alternate account controlled by the fraudsters. (2) BUSINESS EXECUTIVE REQUESTING WIRE TRANSFER: using compromised email account of a high-level executive to pose as the executive and ask an employee to transfer funds (3) VENDORS RECEIVING FRADULENT REQUESTS FOR PAYMENT: using an employee’s compromised email account to identify company’s vendors and ask them to transfer funds (4) ATTORNEY IMPERSONATION: posing as the company’s attorney and, contacting an employee to request transfer of funds (5) DATA THEFT: using compromised email account of executive to request employees’ tax information or other PII from the person responsible for maintaining such information (e.g., human resources personnel)

Answer 10

Real estate transactions assume a willing buyer and seller Fraud can occur when the transaction breaks down or the expert assistance is not at arm's length Many real estate fraud schemes have a false appraisal report as a condition precedent. Easily recognizable as always an element of time pressure - convincing victims its once in a lifetime deal or now or never

Answer 11

(1) FICTITIOUS SERVICES SCHEME: legitimate health care providers charge or bill a health care program for services not rendered (2) FICTITIOUS PROVIDER SCHEME: Occurs in two ways 1- fraudulently obtain and use another provider’s identification information and steal or purchase lists of patient information. 2 - perpetrator submits bills using the fictitious provider’s information to the insurance provider or government health care program for medical services, although no services are performed. (3) CLINICAL LAB SCHEMES - provider advises a patient that additional medical testing is needed to diagnose a problem when it is not

Answer 12

- opening bids prematurely - Altering bids - Extending bid opening dates without justification

Answer 13

aka voice fishing - act of leveraging Voice over Internet Protocol (VoIP) falsely claiming to be a legitimate enterprise in an attempt to scam users into disclosing personal information - generally transmitted as an incoming recorded telephone message that uses a spoofed (fraudulent) caller ID matching the identity of a misrepresented organization - criminals capture the key tones and convert them back to numerical format

Answer 14

occurs when a provider bills for a higher level of service than actually rendered One common form of upcoding involves generic substitution—filling a prescription with a less expensive drug, while billing for the more expensive form of the drug.

Answer 15

Plastic card, the size of a credit card, embedded with a microchip CANNOT be easily replicated or counterfeited include a wide variety of hardware and software features capable of detecting and reacting to tampering attempts not immune to attacks

Answer 16

(1) physical (2) side-channel (3) software (5) environmental

Answer 17

documentation substantiating that a developer has incurred the appropriate construction expenses and is now seeking reimbursement or direct payment request should be accompanied by the following documents: - Paid invoices for raw materials - Lien releases from each subcontractor - Inspection reports - Canceled checks from previous draw requests - Bank reconciliation for construction draw account for previous month - Loan balancing form demonstrating that the loan remains in balance - Change orders, if applicable - Wiring instructions, if applicable - Proof of developer contribution, if applicable

Answer 18

- aka product substitution or failure to meet contract specifications - attempts by contractors to deliver goods or services to the procuring entity that do not conform to the underlying contract specifications potential red flags for nonconforming schemes: - High percentage of returns - missing compliance certificates - evidence of falsified test inspection

Answer 19

practice of covertly acquiring audio, visual, or other types of data from targets through the use of technical devices, procedures, and techniques usually to gather nondocumentary evidence or information that cannot be found through open sources

Answer 20

(1) PREMIUM FRAUD: misrepresentation of information to the insurer by employers to lower the cost of premiums (2) AGENT FRAUD: pilfering premiums and conspiring to reduce premiums. (3) CLAIMANT FRAUD: misrepresenting the circumstances of any injury or fabricating that an injury occurred (4) ORGANIZED FRAUD: composed of the united efforts of a lawyer, a capper, a doctor, and the claimant.

Answer 21

Passwords Card-based systems Biometrics Profiling software

Answer 22

involve a range of fraudulent conduct, usually committed by professional scammers, against unsuspecting victims schemes include advance-fee swindles, debt consolidation schemes, and diploma mills.

Answer 23

fraudsters leave malware-infected USB flash drives, CD-ROMs, or similar items in places where people will find them, such as parking lots items often have a label designed to elicit curiosity or greed in the victims (e.g., “FREE PRIZE”). When the item is inserted into the victim’s computer, the computer or network is infected, giving the identity thief access to information

Answer 24

(1) Homeownership schemes: fraudster recommends a friend who can perform needed home repairs at a reasonable price. This friend might require the homeowner to sign a document upon completion, confirming repairs were made. In some cases, the elderly victims later learn they signed the title of their house over to the repairperson. In other cases, elderly victim overcharged (2) Sweepstake and prize schemes: Fraudsters inform elderly individuals they won a prize but must pay a fee to receive it and continuously play this ask again until savings depleted (3) Work-at-home schemes: business opportunities targeting elderly individuals who need extra income to supplement their retirement benefits, including assembly crafts, chain letters, coupons, envelope stuffing, medical billings, and report writing.

Answer 25

(1) FINANCIAL IDENTITY THEFT - MOST COMMON IDENTITY THEFT. occurs when a fraudster uses an individual’s personal information for fraudulent financial transactions. Examples: account takeover, true name fraud (2) BUSINESS IDENTITY THEFT: occurs when a fraudster impersonates a business to commit financial fraud, (3) CRIMINAL IDENTITY THEFT: occurs when fraudsters falsely identify themselves as other people to law enforcement while being arrested or investigated for a crime

Answer 26

The presolicitation phase The solicitation phase The bid evaluation and award phase The post-award and administration phase

Answer 27

NOT a TYPE of malware but rather a CLASSIFICATION of malware denoted by its intent to facilitate criminal behavior

Answer 28

(1) REVIEW OF SOURCE DOCUMENTS - used when $ amount is small enough that statements are not materially affected - most effectively detected through review of source documents (receipts, deposit slips). - common red flags: missing sources documents, payee identification matches employee or relative information, alteration, photocopies only (2) FINANCIAL STATEMENT ANALYSIS - when financial statements materially affected

Answer 29

Contractors intentionally use inaccurate cost or pricing data to inflate costs in negotiated contracts A contractor can inflate labor costs by: - Using outdated cost schedules - Using lower-wage personnel to perform work at higher rates - Using salaried personnel to perform uncompensated overtime - Failing to account for learning-curve cost reductions - Subcontracting to affiliated companies at inflated rates

Answer 30

fraud that occurs on an account within the first 90 days that it is open more common red flags of potential new account schemes are: - Customer residence outside the bank's trade area - requesting immediate cash withdrawal upon deposit - Missing or inaccurate customer application information - Use of a mail drop address

Answer 31

(also known as protective, shadow, or cover bidding) common form of collusion between competitors, and it occurs when competitors submit token bids that are not serious attempts to win the contract. influences the contract price and who is awarded the contract.

Answer 32

scavenger or revenge scheme involves the company that initially conned the consumer. Using a different company’s name, they contact the consumer again and asks if he would like to help put the unethical company out of business and get his money back. Naturally, an upfront fee is required to finance the investigation.

Answer 33

a program or command procedure that gives the appearance that it is useful but in fact contains hidden malicious code that causes damage

Answer 34

health care procedures often have special reimbursement rates for a group of procedures typically performed together. so some providers attempt to increase profits by billing separately for procedures that are actually part of a single procedure aka coding fragmentation

Answer 35

- Non-Repudiation (Most important - method used to guarantee that the parties involved in an e-commerce transaction cannot repudiate (deny) participation in that transaction. Non-repudiation is obtained through the use of digital signatures, confirmation services, and timestamps) - Confidentiality of data - Integrity of data - Availability of data - Authentication

Answer 36

Diagnostic-related groupings (DRG) is a reimbursement methodology for the payment of institutional services DRG creep occurs when medical staff members manipulate diagnostic and procedural codes to increase reimbursement amounts or other forms of funding

Answer 37

Gathering data through direct contact with people example - posing as customer of victim company - employment interviews - planting agent in target oganization - social engineering

Answer 38

involves the fraudulent acquisition of real estate by filing a fraudulent deed or respective real estate document that makes it appear that the property legally belongs to the criminal. The true owner’s signature is forged on the documents, and the scammer files them in the jurisdiction’s real property records. Once the ownership documents are filed, he applies for and executes a loan on the property (using a straw borrower).

Answer 39

merging environment of everyday objects that use embedded sensors to collect and transmit data through the Internet. Examples: wearable fitness devices, home-automation products, and smart parking systems.

Answer 40

``` Children Seniors Members of the military College students The deceased ```

Answer 41

targets groups of individuals who have some social connection such as - Neighborhoods chiefly populated by racial minorities, especially immigrant groups - the elderly

Answer 42

involve paying individuals to undergo unnecessary medical procedures that are then billed to the patient’s insurer or health care program

Answer 43

a bank buys, sells, and swaps its bad loans for the bad loans of another bank, creating new documentation in the process. Its purpose is to mask or hide bad loans by making them look like they are recent and good.

Answer 44

Data manipulation - use or manipulation of a computer to perpetrate a crime data destruction involves the unauthorized modification, suppression, or erasure of computer data or computer functions, with the intent to alter or hinder the normal functions of the targeted system Data manipulation and destruction involves either direct or covert unauthorized access to a computer system by the introduction of malicious software such as viruses, worms, or logic bombs.

Answer 45

- Using malware to infect computers - Wire tapping into a computer’s communication links - Transmitting data to an outside destination without authorization

Answer 46

The process whereby an individual enters a target organization to spy on the organization’s employees

Answer 47

A system that blocks unauthorized or unverified access to network assets by surveying incoming and outgoing transmissions

Answer 48

- AKA specifications schemes - occur during the presolicitation phase - an employee with procurement responsibilities, often in collusion with a contractor, drafts bid specifications in a way that gives an unfair advantage to a certain contractor

Answer 49

(1) drafting NARROW specification - a corrupt employee tailors the bid specifications to accommodate a vendor’s capabilities and to eliminate other competitors (2) drafting BROAD specifications- a corrupt employee of the buyer designs unduly broad qualification standards to qualify an otherwise unqualified contractor (3) Drafting VAGUE specifications: - the buyer’s personnel and the contractor collude to write vague specifications or intentionally omit bid specifications. This enables subsequent contract amendments, allowing the contractor to raise the contract’s price

Answer 50

- a form of collusion among contractors | - occurs when two or more contractors conspire to alternate the business among themselves on a rotating basis

Answer 51

- structured to obtain an illegal gain by falsely promising the delivery of a product or service - In some schemes, the product is marketed to a large number of customers, and then the operation is shut down prior to the delivery stage.

Answer 52

a device or software application that monitors an organization’s inbound and outbound network activity and identifies any suspicious patterns of activity that might indicate a network or system attack or security policy violations - supplement firewalls

Answer 53

- loan for a nonexistent property—with air symbolizing the loan’s fraudulent absence of collateral. - Most or all of the documentation is fabricated, including the borrower, the property ownership documents, and the appraisal

Answer 54

- variation on property flipping, but it generally involves a property subject to a short sale - involves a rapid transfer of property with an unjustified, significant change in value - but instead of inflating the value on the second transaction, the value on the first transaction is deflated

Answer 55

involves the use of entirely fabricated personal information or a combination of real and fabricated information to create a new identity

Answer 56

a fraudster steals an individual’s personal information and pretends to be that individual (account take over, true name fraud).

Answer 57

(1) PREMIUM THEFT- An agent collects the premium but does not remit the payment to the insurance company (2) FICTITIOUS PAYEES - agent or a clerk changes the beneficiary on record to a fictitious person and subsequently submits the necessary papers to authorize the issuance of a payment (3) FICTITIOUS DEATH CLAIMS - agent or employee obtains a fictitious death certificate and requests that a death claim payment be issued. The agent then steals the payment

Answer 58

Use anti-malware software Regularly update virus definitions in anti-malware programs. Use precaution when opening emails from acquaintances. Do not open email attachments unless they are from trusted sources. Only download files from reputable sources. Regularly update the operating system. Regularly update the computer with the latest security patches available Ensure that there is a clean boot disk to facilitate testing with antivirus software. Use a firewall and keep it turned on. Consider testing all computer software on an isolated system before loading it. Keep backup copies of production data files and computer software in a secure location.

Answer 59

There is a lack of tools to detect EDI fraud. The variety of health care services increases the potential for dissimilar frauds. The efficiency of EDI allows for more vendors and thus more claims to account for. The swiftness in which transactions take place allows less time to uncover fraud.

Answer 60

an attack in which a user is fooled into entering sensitive data (such as a password or credit card number) into a malicious website that imitates a legitimate website. It is different from phishing in that the attacker in a pharming scheme does not have to rely on having the user click on a link in an email or other message to direct him to the imitation website.

Answer 61

Loan officers will sometimes make loans to accomplices who then share all or part of the proceeds with the lending officer. In some instances, the loans are charged off as bad debts; in other instances, the fake loans are paid off with the proceeds of new fraudulent loans.

Answer 62

Ditching, also known as owner give-ups, involves getting rid of a vehicle to collect on an insurance policy or to settle an outstanding loan.

Answer 63

Red flags of insurance claim fraud include the following: The claim is made a short time after the policy's inception or after a coverage increase or change. The insured has a history of many insurance claims. The insured previously asked the insurance agent hypothetical questions about coverage in the event of a loss similar to the actual claim. In a theft or fire loss claim, the claim includes a lot of recently purchased, expensive property, but the insured cannot provide receipts, owner's manuals, or other proof-of-purchase documentation. In a fire loss claim, the claim does not include personal or sentimental items, such as photographs or family heirlooms, that would usually be listed among the lost property. The insured has discarded the claimed damaged property before the adjuster can examine it.

Answer 64

involve the agency collecting the money from the debtor but not forwarding it to the creditors.

Answer 65

Telemarketing operations commonly engage factoring companies. These groups buy credit card receipts from telemarketing operations at a discount, and then use their merchant bank accounts to convert the receipts into cash. Factoring is illegal in some jurisdictions Factoring through Asian and European merchants is becoming increasingly common - tend to charge a lower price for their services

Answer 66

credit card skimming scheme requires a device, often referred to as a skimmer or a wedge, that scans and stores a large amount of credit card numbers.

Answer 67

a person assumes a homeowner’s identity and takes out an additional loan or a second mortgage in the homeowner’s name. If there is not enough equity in the home to warrant a second loan, an inflated appraisal is obtained. This scheme often involves a high level of collusion between a loan officer, an appraiser, and a title agent (or other real estate document service provider).

Answer 68

management should establish a task force and charge it with developing the program. The task force should include managers and staff from departments that deal with proprietary information, such as research and development and production. The task force should also include representatives from the following departments: corporate security, human resources, records management, data processing, and legal. Once the task force is assembled, it must identify the information that is to be protected.

Answer 69

including additional coverage in an insurance policy without the insured's knowledge. The extra charges are hidden in the total premium. Since the insured is unaware of the coverage, few claims are ever filed. For example, motor club memberships, accidental death, and travel accident coverage can usually be added to the policy without the insured's knowledge.

Answer 70

Some of the more common carriers of malware include: Unknown or unchecked application software Infected websites Banner ads Software or media that employees bring to work Files downloaded from the Internet Infected software from vendors and suppliers Uncontrolled and shared program applications Demonstration software Freeware and shareware files Email attachments

Answer 71

(1) Sounds too good to be true (2) Promises of low risk or high rewards (3) History of consistent returns (4) High-pressure sales tactics (5) Pressure to reinvest (6) Complex trading strategies (7) Lack of transparency or access (8) Lack of segregation of duties

Answer 72

phantom loans conflicts of interest, and embezzlement.

Answer 73

bond that reimburses its holder for any loss to third-party beneficiaries when the insured fails to fulfill a specific undertaking for the third party's benefit. (1) Casualty insurance -indemnifies against legal liability to others for injury or damage to persons, property, or other defined legal interests because of specified risks or conduct. (2) Fidelity insurance indemnifies against economic loss to the insured because of employee dishonesty. (3) Disability insurance indemnifies against income loss under defined circumstances.

Answer 74

an investor purchases a home and then resells it at a higher price shortly thereafter. Property flipping is not intrinsically illegal or fraudulent, but it becomes so when a property is purchased and resold within a short period of time at an artificially or unjustly inflated value, often as the result of a fraudulent appraisal. In a flipping scheme, the property is sold twice in rapid succession at a significant increase in value

Answer 75

The system suddenly, and for no apparent reason, slows down its response time to commands. The computer stops responding or locks up frequently. The computer crashes and then restarts every few minutes. The computer restarts on its own. The computer does not run as usual. The computer experiences a sudden and sometimes dramatic decrease of free space. The size of some files increases. Files cannot be accessed or are suddenly erased with no warning. There are unexplained and repeated maintenance repairs. The user is unable to stop the excessive pop-up windows that appear without cause.

Answer 76

Reusable medical equipment includes items such as crutches, wheelchairs, and specialized patient beds. Fraud schemes perpetrated by reusable medical equipment suppliers frequently involve: Falsified prescriptions for equipment or supplies Intentionally providing excessive supplies Equipment not delivered or billed before delivery Billing for equipment rental beyond when the equipment was checked out Billing for supplies not covered by the insurance policy or health care program Scooter scams (i.e., billing for electric-powered wheelchairs that are either unnecessary or are of poorer quality than the model billed for)

Answer 77

a form of malware locks a user’s operating system and restricts access to data files until a ransom is paid. These schemes typically promise that, after payment is received, the user will be provided with a key to release the system and unencrypt files; however, even after money is transferred, many victims find that the virus remains installed on their machine and a key is never provided.

Answer 78

A nonperforming loan is a loan that is in default or close to being in default. Fraud schemes resulting in a nonperforming loan include: Fraudulent appraisals—The cash flow cannot support an inflated loan and resulting debt amount. False statements—The loan was made on false or fraudulently presented assumptions. Equity skimming—The borrower never intended to make the underlying loan payments. Construction over-budget items—The amount over budget might be a concealment method for other schemes such as embezzlement, misappropriation, or false statements. Bribery—The loan was made because the lender received a bribe or a kickback from the borrower. Land flips—The purpose of the loan was to finance the seller out of a property that has an artificially inflated value. Disguised transactions—The loans are sham transactions without substance, made to conceal other ills.

Answer 79

rent-a-patient schemes involve paying individuals to undergo unnecessary medical procedures they are then billed to the patient’s insurer or health care program.

Answer 80

where procuring entity identifies its needs, develops bid specifications(measurements, characteristics,e etc) and determines method to use in aquiring the goods types of fraud that can occur in this stage: ``` need recognition bid tailoring bid splitting unjustified method of procurement change order abuse ```

Answer 81

involves bid solicitation, preparation and submission. once solicitation document has been issued, bidders prepare and submit bids types of fraud: bid manipulation leaking bid data collusion among contractors defective pricing schemes (inflating labor costs/material costs)

Answer 82

procuring employees evaluate the bids/proposals, conduct negotations and give bidders a chance ot revise proposals. winning bid or proposal selected fraud schemes: bid manipulation leaking bid data

Answer 83

contracting parties fulfill their respective duties through the performance of their contractual obligations activities occuring: modifications (i.e. change orders_, review of completed portions, etc. fraud schemes: nonconforming goods/services change order abuse cost mischarging

Answer 84

two or more contractors enter into an illegal agreement one of the bidders refrains from bidding or withdraws their previously submitted bid goal is to ensure a particular competitor's bid is accepted.

Answer 85

procurement employees convince their employer that it needs excessive or unnecessary products/services. usually receive a bribe or kickback for convincing

Answer 86

drafting bid specifications in a way that gives an unfair advantage to a certain contractor usually in collusion with a contractor can be done in three ways: 1 - drafting narrow specifications (i.e. certain percentage of males) 2 - drafting broad specifications (to qualify an unqualified contractor) 3 - drafting vague specifications (omit bid specifications)

Answer 87

deliver goods or services to the procuring entity that do not conform to the underlying contract specifications.

Answer 88

- submitting a low bid to ensure win and then after, increase price with subsequent change orders