Blog

FraudCast Blog

rss

Pondera FraudCast

Welcome to the Pondera FraudCast, a weekly blog where we post information on fraud trends, lessons learned from client engagements, and observations from our investigators in the field. We hope you’ll check back often to stay current with our efforts to combat fraud, waste, and abuse in large government programs.


Jon Coss - Blog Manager
Jon Coss - Blog Manager
Pondera's FraudCast Blog
Analytics are more than Numbers and Stats – It’s About People by Tammy Marple, VP - Special Investigations Unit

Analytics are more than Numbers and Stats – It’s About People by Tammy Marple, VP - Special Investigations Unit

During my time as a fraud analyst, I realized that my work was so much more than just numbers and statistics. I worked in State Government for many years and a few years ago, my manager asked me to conduct a study on Opioids. I lived that assignment for 18 months.

After the Opioid study was completed, I traveled the state and shared what I had learned with our regulatory and law enforcement partners. That assignment really stuck with me. The overall impact of the Opioid epidemic on healthcare costs, society, and the family unit is devastating. It is a sad truth when we can say “everyone knows someone addicted to these types of drugs,” regardless of how they got there. An even worse reality is the impact on the family as a whole: newborn babies born addicted to drugs, children being raised by their grandparents or in foster care because the parents are either dead or in jail as a result of their addiction and drug diversion activities, and families living with the daily possibility of overdose.

One of the most eye-opening documentaries regarding this epidemic was created by Vanguard and is titled “The OxyContin Express.” Although the video is many years old, the story it tells is still very real today and it is no longer just a Florida issue. I often suggest that our interns and new employees in Pondera’s Special Investigations Unit watch the video. It explains drug diversion schemes from drug seeking patients to the cash operations of those that prescribe the drugs, as well as the overall human element. It’s been years since I conducted the study on Opioids, and yet Opioid abuse is still on the rise and growing fast with the introduction of illicitly manufactured fentanyl.

An in-depth analysis conducted in 2016 by the Centers for Disease Control and Prevention (CDC), stated that drug overdose deaths were spreading not only geographically but also across demographic groups. Listed below are some of the stats from the CDC analysis:

• Drug overdoses killed 63,632 Americans in 2016.
• Nearly two-thirds of these deaths (66%) involved a prescription or illicit opioid.
• Overdose deaths increased in all categories of drugs examined for men and women, people ages 15 and older, all races and ethnicities, and across all levels of urbanization.
• CDC’s new analysis confirms that recent increases in drug overdose deaths are driven by continued sharp increases in deaths involving synthetic opioids other than methadone, such as illicitly manufactured fentanyl (IMF).

Pondera’s technology can identify these areas of risk in a variety of programs. This is the reason behind what we do to make a difference and potentially effect change for the better. Certainly, our goal is to detect fraud, waste, and abuse in government programs, but it really does come down to people. Sure, technology is always a cool thought when it comes to smart phones, cars that drive themselves, video games, and other advancements, but technology can also be used to detect certain behaviors within large data sets and identify highly suspect activities, patterns, or hot spots of concern. Pondera leverages technology to identify suspect activity and protect vulnerable populations within a program to make a significant difference, not only from a government budget point of view but also in the lives of our fellow citizens.

Cited Sources
Van Zeller, Mariana. “The OxyContin Express.” YouTube, Current TV - Vanguard, 19 October 2009, https://www.youtube.com/watch?v=wGZEvXNqzkM

Researchers for the Centers for Disease Control and Prevention (CDC). “U.S. Drug Overdose Deaths Continue to Rise; Increase Fueled by Synthetic Opioids.” www.cdc.gov, 29 March 2018, https://www.cdc.gov/media/releases/2018/p0329-drug-overdose-deaths.html
Cigarette Fraud

Cigarette Fraud

Last week we wrote about charges being brought against a group of alleged fraudsters in California that were trucking thousands of cans and bottles into California to collect the state’s recycling refunds. This week, just so no one feels left out, we’re bringing you a story from the East Coast that deals with cigarette fraud. That’s right… cigarette fraud.

As you probably already know, the price of cigarettes varies dramatically from state to state because of the taxes imposed by each state government. For example, in Virginia, where the state has an excise tax of only $0.17 per pack, the average price for a pack of cigarettes is $5.25. New York, on the other hand, adds taxes of $4.35 per pack helping to drive the average price per pack to $12.85. That’s a difference per pack of $7.60.

So what does an enterprising fraudster do? Buy cigarettes in Virginia and sell them in New York of course. This is illegal but it apparently didn’t prevent a 26 year old man from driving through Pennsylvania with 7,750 packs of cigarettes purchased in Virginia. That’s over 150,000 individual cigarettes so likely not just for his personal use. That might explain why the Pennsylvania state trooper who pulled him over said the driver was “very nervous, shaking and avoiding eye contact with me at all cost.”

The man is now free on bail but facing felony charges. I guess you never know what’s in the truck you pass on the freeway. Last week it was aluminum cans and plastic bottles. This week it’s thousands of cartons of cigarettes. Next week?
How to Steal $80 million Five Cents at a Time

How to Steal $80 million Five Cents at a Time

Last week, in the realm of “are there any government programs fraudsters won’t steal from”, California officials announced charges against five people who were ripping off the state’s recycling program.

Four defendants are accused of accepting recyclable cans from other states, faking the paperwork, and then billing the state for refunds on the 5- or 10-cent “deposits” that Californians pay when they buy beverages in the state. Of course, Californians can redeem the cans themselves, but I’m just guessing that not many do.

Incredibly, the total amount of the containers added up to $80.3 million. And, even more incredibly, this is not an isolated case. In 2015, for example, a California jury indicted another group of fraudsters for trucking over 200 million bottles and cans into California to collect $14 million in refunds.

A quick check of the California Attorney General’s website reveals that the state does indeed have a Recycle Fraud Program with the objective to “detect and stop existing fraud by organized criminal groups against the recycling fund and to deter future fraud through the successful prosecution of criminal activity.”

In many ways, this simply serves as more proof that even the most well-intentioned programs are subject to fraud and criminal abuse. When even 10-cent transactions are targeted, it should concern everyone about what’s occurring in larger government programs.
How Fraudsters Stole Money from Venmo Users

How Fraudsters Stole Money from Venmo Users

In yet another example of the creativity of fraudsters exploiting security flaws in commonly used services, the Federal Trade Commission recently announced a settlement with Venmo, the popular money exchange service. The charges, filed in 2016, include some surprisingly basic security flaws in Venmo, which boasts of “bank-grade security”.

One major problem was found in Venmo’s cash reconciliation process. It would notify users that money had been deposited in their accounts when, in reality, many of the transactions were still under review. This allowed fraudsters to “purchase” and receive products before their payments were validated. Sellers, assuming that cash had been received, would ship the product and then find themselves without an actual payment. One scammer used this technique over several years to steal over $125,000 before being discovered.

In addition to this security flaw, federal regulators also noted that Venmo neglected to notify users of username and password changes or when new devices were added to their accounts. This allowed hackers to hijack accounts without any warnings to the actual account owners.

While the FTC’s settlement does not include any cash damages, it is likely that Venmo will face a slew of upcoming lawsuits. Beyond this, Venmo’s issues are particularly concerning to consumers. We often assume a certain level of security and common-sense practices when we use well-known applications and services. Clearly, we should all be concerned about trusting our money and identities with any company—regardless of how safe it appears to be.
City of Atlanta Victimized by Ransomware

City of Atlanta Victimized by Ransomware

Imagine walking in to work and being handed a printed out note instructing you to not turn on your computer because of a ransomware attack. Then imagine that you are instructed to monitor your personal bank accounts because your employer is unsure exactly what information has been compromised. For city employees in Atlanta, they don’t have to imagine. They are living this nightmare after the city was hit last week by SamSam Ransomware.

The city is working with federal law enforcement after the hackers demanded a $51,000 payment to turn control of the computers back to the city. And Hartsfield-Jackson Airport, one of the busiest airports in the world, turned off their WiFi out of “an abundance of caution”.

Ransomware, which is malicious computer code that often enters networks after users click on a link in a phishing email, is the most “popular” form of malware. In effect, it renders your data unusable until you pay a ransom to reclaim it. In 2017, a business was attacked every 40 seconds and individuals were attacked every 10 seconds by ransomware, according to Kapersky Security. A recent IBM study concluded that 70% of businesses have been hit by ransomware with half paying more than $10,000 to regain their data.

Despite recent prosecutions (for example, a Russian judge sentenced the criminals behind the Blackhole malware to up to eight years in prison), it is still extremely difficult to locate and prosecute the hackers because many of them operate from overseas. And now, even novice computer users can get in on the scam via Ransomware as a Service sites on the dark web. These sites allow you to configure and run your own ransomware campaigns without having to be an expert coder.

This combination of high success rates, easy access to ransomware code, and difficulty with prosecutions means that ransomware attacks are only going to increase. As employers and as individuals, it’s critical that we remain vigilant or we’re all going to end up victims.
Ambulette Fraud

Ambulette Fraud

“Ambulette” is a term to describe the vans and cars that transport Medicaid patients to non-emergency appointments. Despite the presence of ambulettes, millions of Americans continue to miss medical appointments each year because of transportation problems. One possible answer to this problem? Rideshare companies like Uber and Lyft who sign agreements with hospitals and medical groups.

In my opinion, however, rideshare companies should proceed with caution. Fraud is rampant in Non-Emergency Medical Transportation (NEMT) and the under-the-table cash temptations may prove too strong for some drivers to ignore. Kickback schemes, billing for rides never actually given, illegal referrals, and providing rides to deceased patients are common NEMT fraud schemes.

The Centers for Medicare and Medicaid Services (CMS) recently gave a presentation on NEMT compliance and reporting requirements (which are the responsibility of the rideshare companies) and common fraud schemes. In one, a Medicare beneficiary drove patients to dialysis appointments but also provided the medical IDs to an ambulance company so they could bill as well. In another, a parent was jailed 30 days for billing Medicaid for trips for her child’s treatments. Although the parent was authorized to transport her child, the trips never actually took place.

It’s not easy for ridesharing companies to monitor their drivers’ behaviors, especially because of the flexible driver contracts and work hours. Combine this with NEMT fraud fines that often run into the hundreds of thousands of dollars and it is clear that rideshare companies may be opening themselves up to some serious problems.
An “Amazing” Contributor to the Nation’s Opioid Crisis

An “Amazing” Contributor to the Nation’s Opioid Crisis

The Sacramento Bee, my local newspaper, reported this week on an area doctor, a seemingly successful cardiologist and graduate of Northwestern’s medical school, who plead guilty and was sentenced to 52 months for illegally prescribing opioids.

After reading about Doctor Capos’s crimes, 52 months seems grossly inadequate. The sentencing judge agreed, despite acknowledging the doctor’s cooperation, stating that "It's probably giving you a break more than you deserve at this time."

The sheer volume of Capos’s crimes are alarming. In one case, he prescribed 2,640 hydrocodone pills to a single patient in 28 days. This would have required the patient to take 98 doses per day. Of course, what likely happened is that the pills were sold on the street to addicts and future addicts—some undoubtedly to our young people.

The judge called his actions an “amazing” contribution to the opioid crisis. Yet a quick look at average sentences for drug dealers reveals that convicted methamphetamine dealers average 87 months in prison. Heroin dealers average 63 months. While this “amazing” opioid dealer only received 52 months.

It seems to me that the time for talking about the opioid crisis has passed. It’s time for action and one place to start would be tougher sentencing laws on the greedy fraudsters who push these drugs into our neighborhoods.
A New Way to Rip Off the Taxpayer

A New Way to Rip Off the Taxpayer

I often mention how “impressed” I am by the ingenuity of fraudsters and their ability to find new and creative ways to steal money. And now, with the country starting to pay attention to the opioid crisis, comes word of one of these fraud innovations. This time, fraud (and to be fair, often just massive waste) is found in the escalating number of urine tests being performed to detect opioids and other drugs in patients.

Kaiser Health News, with help from the Mayo Clinic, found billing for urine screens and related tests quadrupled from 2011 to 2014 to $8.5 billion a year. The federal government paid providers more for drug urine screens than they paid for the four most common types of cancer screens combined. $8.5 billion is more than the annual budget of the Environmental Protection Agency!

It’s easy to see how this could happen. In the cases of 50 less-than-scrupulous doctors who operate their own labs, Medicare paid over $1 million for drug tests at their pain management practices. 31 of these received over 80 percent of their Medicare payments from urine tests—in other words, less than 20 percent was for patient care!

Other labs have hired sales team that employ high-pressure tactics, telling doctors to order more tests to lower patients’ risks and to protect their practices against law enforcement or medical licensing board investigations. One labs sales manager earned $700,000 in salary and commissions, and the company later had to pay $256 million to settle claims with the justice department.

While some of the data in this blog post is over two years old, opioid prescriptions (and deaths) continue to climb—the latter at about 20 percent per year. Despite the government’s enforcement efforts, I assume that the urine test cash grab is also accelerating. It’s also safe to assume that when this scheme is shut down, the fraudsters will find another way to rip us off.
Jackpotting Comes to the U.S.

Jackpotting Comes to the U.S.

We’ve written several times about skimmers, devices that thieves place into gas pumps, ATMs, and other machines to steal personal and financial information from unsuspecting patrons. Now, it seems that a form of skimming, called “jackpotting” is making its way from Europe and Asia to the states.

The aptly named jackpotting, like skimming, uses a device inserted into ATM machines to take control of the CPU and dispense large amounts of cash to the fraudsters. The thieves often dress as ATM technicians and use an endoscope to view the inside of the machine and attach their system to the ATM. They can then control the system remotely and dispense as many as 120 bills per minute to “jackpotting mules” who collect the money.

The Secret Service is now issuing warnings about the spread of jackpotting, and organized criminal gangs are targeting stand-alone ATMs in pharmacies, big box retailers and drive-thru ATMs. And, of course, thanks to the anonymity of the dark web, criminals can easily purchase the software and equipment necessary to pull off the schemes.

While still in its infancy here in the states-- in a recent week there were six attacks that stole just over $1 million-- jackpotting is quickly establishing itself as one more fraud tactic that businesses and citizens will have to watch out for. The good news in this case is that the ATMs, when hacked, appear as out-of-order to consumers. At least we won’t insert our cards and we won’t lose our data. The bad news is that institutional losses often get passed to us in the form of higher fees and more complex processes. As usual, we all pay in the end.
How Startups Benefit Government

How Startups Benefit Government

What a delight it was to read a commentary in Government Technology magazine by Rebecca Woodbury, a Senior Management Analyst with the city of San Rafael, California. In the article, Rebecca recounts her experiences working with technology startups and the benefits to the city of moving beyond a small set of traditional providers.

Rebecca argues that startups offer “simple and intuitive interfaces, don’t require costly implementation fees or long-term contracts, embody the spirit of continuous improvement, and have their eyes keenly on the future.” She goes on to state that these benefits are far more important than “the number of years a company has existed or the number of clients they have.” And she even provides ways to mitigate the risks associated with startups such as avoiding long term contracts.

Right on Rebecca! While Pondera is no longer considered a startup and we can meet the stringent financial and customer qualification requirements in public sector bids, we work hard to hold on to the EXACT list of benefits Rebecca articulated. And when Pondera was a startup, we counted on people recognizing those benefits. That’s why we would get so frustrated when we would read RFPs that asked for “innovative solutions” but required that they be implemented for at least five years! In the age of cloud computing and Agile development, the gap between business needs and archaic procurement policies has grown into a gaping canyon.

So, at the risk of inviting competitors into our market, I applaud Rebecca’s efforts and those of similar public servants who recognize that nimble, innovative startups offer compelling alternatives to large, established IT companies. I also know that competition makes all companies better. In the end, isn’t that what government wants in its partners?

Newsletter

Interested in viewing a live demonstration? Enter your email below and a member of our Sales Team will contact you to schedule a demo.

Email:

About Our Company

Pondera leverages advanced prediction algorithms and the power of cloud computing to combat fraud, waste, and abuse in government programs.



Get in touch

  • Sacramento Address: 80 Blue Ravine Road, Suite 250, Folsom, CA 95630

  • Phone: (916) 389-7800

  • Email: info@ponderasolutions.com