“They” are lurking out there, just waiting for an opportunity to make money at your organization. Who are “they”? They’re not the prospective workforce; they’re fraudsters! Unfortunately, fraud has seen massive growth in the last few years. The lingering effects of COVID-19, supply chain issues, and increased dependence on technology—combined with advanced new and innovative fraud schemes and other cyber threats—have resulted in yet-unknown risks to all types of for-profit and nonprofit organizations.
But there are ways of preventing and mitigating the effects of fraud, and a strong managerial team is at the core. Among the following illustrative types of fraud—job-posting, cryptocurrency, and internal and external—the latter two are the most controllable by an entity’s culture and values.
Due to the difficult labor market, one of the top schemes right now is Job-Posting Fraud in which a fraudster takes advantage of a job seeker by posting a fake job posting, luring in a candidate, and then obtaining a significant amount of personal information in the ‘hiring’ and ‘onboarding’ processes. These activities are often done via texts, instant messaging, or other means, where the candidate never actually meets the “interviewer.”
Cryptocurrency is also a major target for fraudsters in recent years. They will often use schemes related to investments, “romances,” or they will pose as business partners or government regulators to trick individuals or organizations into parting with their crypto.
Internal and External Fraud
According to a 2022 global economic crime and fraud survey conducted in 2022, external fraud perpetrators are on the rise, while internal fraudsters are down. One shocking statistic is that collusion between internal and external actors is also on the rise. The primary risk here is that internal controls and traditional fraud prevention tools often can’t stop external fraudsters or collusion. In the face of evolving and increasingly sophisticated fraudsters, what chance does your organization have?
Preventing or Mitigating Fraud
Good news: There are a number of steps an organization can take to prevent or mitigate fraud. The critical thing to remember is that you can’t eliminate the risk of fraud entirely—it’s not possible. The most important thing to do is diminish the fraudsters inherent advantage.
You can do this by
- Understanding the type of person or organization fraudsters target
- Identifying the signs (looks and sounds) of people who commit fraud
- Leading from strength to discourage and prevent fraud
- Practicing good “cyber hygiene.”
Who They Target
Fraudsters love disorder. Individuals, departments, or organizations operating in a disordered environment due to apathy, excessive or unorganized workloads, lack of computer knowledge, or inattention to details are likely targets and often the prey of choice for fraudsters.
What They Look and Sound Like
Fraudsters tend to exhibit similar traits no matter the scheme. They show excessive confidence; they can come across as overbearing, bossy, or even as a bully, yet at the same time, the fraudster could be secretive and elusive. But the root attitude that they all exhibit is greed or entitlement.
How to Lead to Discourage and Prevent Fraud
Organizations proactively responding to fraud risks should make sure that they are setting the tone at the top to create a culture where it is known that fraud is not tolerated and the organizational structure is conducive to a culture of honesty and principles. Personnel need to be trained to be aware of the signs and targets. Internal controls and reviews should not be made public to anyone outside your organization. Partner organizations should be communicated with and made aware that your organization does not tolerate fraud.
Practicing Good Cyber Hygiene
Cyber Hygiene is one of the most vital practices an organization can take to prevent fraud, as most fraudsters hide behind their computer screens—sometimes in your own bullpen. Cyber Hygiene is a collection of standard procedures performed in regular intervals to ensure the integrity of users, networks, data, and devices. Examples of good cyber hygiene are:
- Regular cyber security training for your employees
- Penetration testing of your networks
- Current software versions
- Two-factor authentication
- Storage of devices
Know the Threats. Safeguard Against Them.
We know the fraudsters are out there, and they’re not going away. You wouldn’t leave your house unsecured against criminals; don’t leave your organization unsecured either! By knowing the threat and guarding against it, you can safeguard your organization’s assets needed to accomplish your organization’s goals.
Questions? Feel free to reach out to your LSL advisors or contact us here.