While many of you know Vestige for our reactive digital forensic and cybersecurity services, Vestige prides itself on remaining vigilant and proactive to events and incidents that can result in bad things happening to organizations – hopefully with the idea of providing you with solutions to avoid such incidents.
As such, we want to remind organizations to have a watchful eye on fraud within their organization. Vestige has noted a marked increase in the number of inbound requests from organizations dealing with cyber scams or suspected fraud. We believe this may be a direct result of COVID-19 and the significant changes it has forced organizations to deal with.
The Association of Certified Fraud Examiners (ACFE) created the Fraud Triangle Model, which indicates that when two or more of the factors are present, fraud is much more likely to occur.
The factors are:
1) Financial Need,
2) Access to the money and/or systems to perpetrate a fraud, and
Increased stress, loss of income and the financial burden that individuals are facing due to the current pandemic certainly provide individuals with the financial need. Organizations’ move to Work From Home (WFH) and all of the associated changes that came with that may have inadvertently lowered the organization’s internal controls, as we’ve looked to “just make it work.” (i.e. read “survival mode”). These two factors in and of themselves meet the Fraud Triangle’s threshold and set the organization up for the possibility of fraud. Layer in an individual’s own internal justifications (i.e. “I’m working 12 hour days, doing three people’s jobs and I haven’t had a raise since 2019”) and suddenly you can recognize that we may be sitting in the midst of the “Perfect Storm”.
We highly recommend:
- You take a moment and evaluate the organization’s internal controls to make sure that they are as strong or stronger than pre-pandemic,
- Evaluate whether new controls need to be implemented to address today’s situation,
- Communicate with your employees to understand what they’re going through and to evaluate whether any of them exhibit any classic red flag behavior (i.e. living beyond their means – especially in comparison to others similarly situated during this pandemic, cozy relationships with vendors or customers, excessive control issues or unwillingness to share responsibilities, etc.)
If you suspect potential fraud, you would like more information or if you want to discuss manners in which cyber scams can be identified and investigated, reach out to the Experts at Vestige Digital Investigations.
Damon Hacker, MBA, CCE, CISA, CSXF leads Vestige who assists organizations in identifying, investigating, managing and protecting their most vital digital resources. It does that through a robust set of inter-related services including digital forensics and both proactive and reactive cybersecurity solutions.