As the term “social distancing” has burst into our daily vocabulary, we are in a new territory of conducting daily business through remote working situations. While this taught us new lessons in creative adaptation, it has also created fresh opportunities for corporate fraud. Protecting yourself, your company, and your employees from these new fraud threats during the COVID-19 outbreak is essential.
Business Email Compromise Attacks
On March 3, 2020, the FBI issued a Private Industry Notification warning companies that fraudsters were abusing the Microsoft Office 365 and Google G Suite platforms as part of widespread Business Email Compromise (BEC) attacks. The rapid and extensive shift to a remote-based workforce has created a prime opportunity for BEC and other social engineering attacks. In these types of schemes, fraudsters pose as someone from within the victim’s company and request sensitive business or personal information.
For example, a fake HR Director may contact an employee instructing them to forward employee W-2s. While the request may be unusual, today’s circumstances are far from ordinary. It is entirely plausible that your company’s HR Director, who does not have access to information located in your now closed, requests the information directly. Because they hide behind a mask of legitimacy, these fraudulent requests have high rates of success.
To combat BEC and Social Engineering attacks:
Employee Fraud
Unfortunately, fraud doesn’t exclusively emerge from the outside of an organization. When management and other key departments are busy navigating a pandemic, things like internal controls and anti-fraud efforts often take a back seat. While understandable, these refocused priorities make the organization increasingly vulnerable to attacks from within. When the perception of possible detection decreases within an organization, some employees may be tempted to take advantage when the normal watchdogs are visibly distracted and/or very likely overwhelmed. Remember the fraud triangle: pressure, opportunity and rationalization all tend to increase dramatically in times of uncertainty and unrest.
To combat attacks from within:
COVID-19 and our efforts to fight infection through remote-working arrangements will be a reality for the foreseeable future. With fraudsters working overtime to develop new ways to take advantage of this crisis, we must remain informed and vigilant in our anti-fraud efforts.
While we may not always control what is happening around us, we can—and in fact we must—manage our reactions to it. As always, the team at GLEASON is here to help you manage the fraud risks that your organization may face today and every day. We will get through this together.
For more information about GLEASON’s forensic accounting and fraud mitigation/detection experience and expertise, please visit read more here.
Matt Gleason April 14th, 2020
Posted In: Gleason Experts
Disasters have a tendency to bring out the best and worst in people. Sadly, serial fraudsters view events such as the COVID-19 pandemic as the perfect opportunity to strike. They are keenly aware that potential victims and typical watchdogs are likely distracted, stressed and overwhelmed. Unfortunately, fraudsters are well experienced in using fear and panic to their advantage.
To protect yourself, your employees, and your customers during these difficult times, be aware of the following scams which, unfortunately, are currently on the rise.
Phishing/SMiShing
In Phising/SMiShing schemes, fraudsters use emails and text messages that induce a victim to reveal sensitive personal information such as financial data, email credentials, passwords, etc.
A tried and true method used by would-be fraudsters is to make messages appear to be from legitimate sources. During the COVID-19 pandemic, beware of messages that appear to originate from the Centers for Disease Control, World Health Organization or local health department. Fraudulent messages will exploit a victim’s fear and/or desire for information by including links stating “For the safety measures you need to know, click here,” “Clicking here could save your life,” or “Click here to read the latest on COVID-19.” Others pose as shipping companies and send seemingly inconspicuous messages such as “Click here to update your delivery preferences to protect yourself against COVID-19.”
These links may direct a victim to a legitimate looking site, where they are prompted to enter an email address and password. Should a victim enter the information, they may unwittingly provide a fraudster with full access to the victim’s email account, as well as any other accounts for which the victim uses the identical email and password combination.
Other Phishing/SMiShing scams in the age of COVID-19 offer “free” testing kids and services or related products, claiming the victim need “only pay shipping and handling.” Once the unassuming victim enters their credit card information, the fraudster may use the information for unauthorized purchases. The testing products either never arrive, or if they do, they do not work. In such cases, not only has the fraudster stolen the victim’s identity, but the victim may also have relied on the results of a bogus medical test.
Blackmail Scams
In a COVID-19 blackmail scam, fraudsters prey upon business-owners’ fears that an outbreak at the business’s location could have disastrous effects on sales. The fraudster may contact the would-be victim claiming to be an individual who has contracted COVID-19 at the victim’s business. The fraudster then demands payment in exchange for their silence. The payments are to be sent to overseas accounts which are virtually untraceable.
Malware Attacks
Malware attacks use malicious software to damage devices, steal data and/or gain unauthorized access. Examples include ransomware, keyloggers and spyware.
Malicious links and attachments can trigger a download of malware onto your computer or device. In such attacks, again the fraudster preys on the victim’s desire for information during crisis.
One example of malware recently discovered uses a supposed “real-time Coronavirus map originally developed by Johns Hopkins” as its bait. A fraudulent “Coronavirus Tracker” app is also in circulation. Victims, intending to obtain useful information such as the real-time location of positive tests, click to open the attachments and unwittingly install malware programs on their devices. Such malware programs may be used by fraudsters to gain access to company networks—especially during a time when many employees are accessing their employers’ networks remotely—or may be used to appropriate email programs and passwords stored on the device. Other malware programs may lock a user out of the device, and demand a ransom payment to unlock the user’s data.
Combatting Remote Data Attacks
To combat Phishing/SMiShing, blackmail and malware attacks:
The team at GLEASON has numerous trained Certified Fraud Examiners and forensic accounting professionals who stand ready to help you manage the fraud risks that you and your organization face today and every day. We will get through this together.
Matt Gleason April 14th, 2020
Posted In: Gleason Experts
The COVID-19 pandemic and the resulting slow down or temporary cessation of many businesses has triggered a massive sell-off in equities, as investors have cut projections and raised equity risk profiles for publicly traded investments in this time of uncertainty. The sudden decline in equity values provides both challenges and opportunities for business owners and their advisors to consider, including:
Gleason Experts stands ready to help you deal with problems and opportunities that have already arisen, and to help you prepare for those that are on the horizon. Please reach out to one our team members for more information.
Matt Gleason April 8th, 2020
Posted In: Gleason Experts, Uncategorized
As uncertainty surrounding the timeline and ability to manage the spread of COVID-19 grows, so does the complexity of managing and valuing businesses. Social distancing and the reduction or elimination of “non-essential” activity has profoundly disrupted or even closed businesses and supply chains across the United States and globe. There are a number of environmental factors that business owners, their counsel and advisors should be aware of that may affect the value of a privately held business. We’ve summarized some, but not all, of the key issues to consider below:
The answers to these key questions and issues will vary on company by company basis. Gleason relies on its experience and expertise to assess responses to these issues and quantify the effect on the value of each specific business.
Gleason’s experience and expertise in assessing and analyzing cost of capital issues provide us with the tools required to consider these issues specific to each business and determine a reasonable, reliable measure of a required rate of return specific to the subject company in every valuation.
COVID19 has increased the complexity of valuations of practically all businesses. Over the past 30 years, Gleason guided clients has assisted its clients in the past through times of extreme volatility, uncertainty, and complexity and is ready to assist you today. Please reach out to one our team members for customized answers to the above questions as they specifically pertain to your business.
Matt Gleason April 8th, 2020
Posted In: Gleason Experts
In response to the substantial economic disruption caused by the COVID-19 pandemic and the associated business shutdowns, the U.S. enacted a series of stimulus measures in late March, including the Coronavirus Aid, Relief, and Economic Security (CARES) Act, the largest stimulus bill in U.S. history. Among other measures, the CARES Act:
By providing direct financial aid to individuals and businesses during the pandemic and associated economic shutdown, the stimulus packages were designed to ease the adverse effects on business cash flows, growth rates, and discount rates. The extent to which these measures benefit private businesses will vary from industry to industry and company to company. Furthermore, the effectiveness of the response by the U.S. government is also dependent on the length of the shutdown required to slow the spread of COVID-19, all of which is still unknown.
From the perspective of business valuation, the stimulus measures raise a number of questions and issues for business owners and valuation analysts. The following are just a few examples of the complex questions business owners may be faced with:
COVID19 and the resulting stimulus legislation has increased the complexity of valuations for practically all businesses. Over the past 30 years, Gleason has guided its clients through times of extreme volatility and periods of uncertainty and is ready to assist today. Please reach out to one our team members for more information on how we can help and best answer the questions and issues raised by the economic stimulus legislation.
Matt Gleason April 8th, 2020
Posted In: Gleason Experts, Uncategorized