19 March Identity Theft: Steal Once, Use Often March 19, 2017By Jon Coss - Blog Manager General, government fraud prevention Identity Theft, Medicaid 0 A recent arrest in New York City illustrates a common fraud method that Pondera has been talking about for years: falsifying an identity (of an individual or business) and using it across multiple states, or in this particular case, across multiple subsidy programs within a state.In February of this year, the New York State Attorney announced the arrest of several individuals allegedly involved with a fraudulent medical supply company. The company’s owner operated under a false social security number and billed the State Medicaid system for an expensive nutritional formula required by patients with feeding tubes. In actuality, when they delivered the service at all, they dispensed lower-priced Pediasure to dramatically increase their profits—apparently ignoring the health consequences to the patient.But, as is often the case with bad actors, they didn’t stop there. In addition to their fraudulently obtained Medicaid profits, the fraudsters also used their fake socials and claimed income of less than $800 per month in order to qualify for Welfare payments. This despite the fact their medical “business” incomes were over $180,000 per year. It would not surprise me to learn that these same people were operating in other subsidy programs or in neighboring states.This is a disturbing, but somewhat logical, pattern that we see again and again. When someone goes to the trouble of creating a fake identity or business, they use it to generate as much income as possible. They “fly below the radar” of each individual program (or state) to avoid detection, but the fraud can be very lucrative in aggregate.The obvious solution to this is increased cooperation and data sharing across programs within a state and across states. The federal government has made significant efforts to support data sharing including the List of Excluded Individuals and Entities (LEIE), the Death Master File, and the Prisoner Update Processing System (PUPS) which can help identify claims that are fraudulently made by ineligible, deceased, or incarcerated identities.Our hope is that these efforts expand, including at the state level, where multiple agencies cooperate to identify cross-program fraud schemes. It is not enough to detect and then stop individual incidents of fraud. Many of these incidents are too small, when viewed as discrete occurrences, to warrant prosecution. Knowing this, enterprising fraudsters “sprinkle” their claims across multiple jurisdictions to avoid attention.Unfortunately, as was the case in New York, even these smaller, distributed fraud efforts can have an impact on patient health. The good news is that New York detected and put an end to this incident. But we all know there are thousands of similar cases each year. Related Posts New Age of Identity Theft Problems Remember back to last year when the IRS announced that cyber thieves stole personal data from 100,000 taxpayers? This sophisticated scheme accumulated personal data from other sites and used it to answer identity validation questions on the IRS web site to gain access to taxpayer accounts.The 100,000 taxpayers affected? The IRS revised that number later in the year to 334,000 Last week they raised the number again to more than 700,000! Combine this with the high-profile hacks at Sony, Target, Anthem, and other organizations and one thing becomes very clear: bad actors are rapidly improving their identity theft methods.In response, government agencies need to prepare for an onslaught of fraudulent tax returns, unemployment claims, Medicaid treatments, and other services. In 2015, the IRS paid out $5.8 billion in fraudulent returns. Several of Pondera’s clients also saw dramatic increases in “ghost” beneficiaries, often paired with fictitious businesses, set up solely to defraud government programs. 2016 promises to be even more problematic.As program integrity experts, we have to recognize that we are moving into a new age of identity theft problems. We can log on to YouTube and watch a music video about Unemployment Insurance Fraud. CNN has run stories on street gangs trading liquor store holdups for benefits fraud. The barbarians are at the gate and it’s our responsibility to strengthen the defenses. How to Steal $80 million Five Cents at a Time Last week, in the realm of “are there any government programs fraudsters won’t steal from”, California officials announced charges against five people who were ripping off the state’s recycling program.Four defendants are accused of accepting recyclable cans from other states, faking the paperwork, and then billing the state for refunds on the 5- or 10-cent “deposits” that Californians pay when they buy beverages in the state. Of course, Californians can redeem the cans themselves, but I’m just guessing that not many do.Incredibly, the total amount of the containers added up to $80.3 million. And, even more incredibly, this is not an isolated case. In 2015, for example, a California jury indicted another group of fraudsters for trucking over 200 million bottles and cans into California to collect $14 million in refunds.A quick check of the California Attorney General’s website reveals that the state does indeed have a Recycle Fraud Program with the objective to “detect and stop existing fraud by organized criminal groups against the recycling fund and to deter future fraud through the successful prosecution of criminal activity.”In many ways, this simply serves as more proof that even the most well-intentioned programs are subject to fraud and criminal abuse. When even 10-cent transactions are targeted, it should concern everyone about what’s occurring in larger government programs. A New Way to Rip Off the Taxpayer I often mention how “impressed” I am by the ingenuity of fraudsters and their ability to find new and creative ways to steal money. And now, with the country starting to pay attention to the opioid crisis, comes word of one of these fraud innovations. This time, fraud (and to be fair, often just massive waste) is found in the escalating number of urine tests being performed to detect opioids and other drugs in patients.Kaiser Health News, with help from the Mayo Clinic, found billing for urine screens and related tests quadrupled from 2011 to 2014 to $8.5 billion a year. The federal government paid providers more for drug urine screens than they paid for the four most common types of cancer screens combined. $8.5 billion is more than the annual budget of the Environmental Protection Agency!It’s easy to see how this could happen. In the cases of 50 less-than-scrupulous doctors who operate their own labs, Medicare paid over $1 million for drug tests at their pain management practices. 31 of these received over 80 percent of their Medicare payments from urine tests—in other words, less than 20 percent was for patient care!Other labs have hired sales team that employ high-pressure tactics, telling doctors to order more tests to lower patients’ risks and to protect their practices against law enforcement or medical licensing board investigations. One labs sales manager earned $700,000 in salary and commissions, and the company later had to pay $256 million to settle claims with the justice department.While some of the data in this blog post is over two years old, opioid prescriptions (and deaths) continue to climb—the latter at about 20 percent per year. Despite the government’s enforcement efforts, I assume that the urine test cash grab is also accelerating. It’s also safe to assume that when this scheme is shut down, the fraudsters will find another way to rip us off. Tax Fraud on the Dark Web It’s April, which every year brings more news about tax fraud scandals. The news this year, however, is even more disturbing than expected. IBM’s X-Force threat intelligence group released a report last week that showed a 6,000% increase in spam emails designed to steal information from W-2s and other tax documents. Last year, these criminals “earned” over $3 billion through similar scams. And if you were one of the victims, then you are already familiar with the hassles of having your return stolen or a completely false one filed using your identity.The continuing use of the Dark Web is a major factor behind the acceleration in this form of cybercrime. Stolen identities that include tax information are currently fetching around $40 on illicit marketplaces. While this may not seem like much, it is extremely lucrative when a fishing scam succeeds at stealing thousands of identities. So lucrative, in fact, that would-be scammers can even visit the Dark Web to buy online tutorials on how to perpetrate tax fraud.Popular scams this year include sending emails that appear to be sent from TurboTax and other tax preparation companies. The hope is that you respond because you use that tax service. So-called spearfishing scams are also targeting corporate human resource departments. They will often send an email to an HR manager, seemingly from a member of the company’s executive staff, requesting W-2 and other tax information on the company’s employees.Cybercriminals will continue to hone their skills resulting in more convincing emails and websites. They will continue to take advantage of technologies that allow them to increase the number of outbound messages. And they will continue to learn and share new techniques on the Dark Web. This means that all of us, as businesses and as private citizens, need to step up our efforts to protect data. These days, it’s no longer just “a fool and his money” who are soon parted. Jackpotting Comes to the U.S. We’ve written several times about skimmers, devices that thieves place into gas pumps, ATMs, and other machines to steal personal and financial information from unsuspecting patrons. Now, it seems that a form of skimming, called “jackpotting” is making its way from Europe and Asia to the states.The aptly named jackpotting, like skimming, uses a device inserted into ATM machines to take control of the CPU and dispense large amounts of cash to the fraudsters. The thieves often dress as ATM technicians and use an endoscope to view the inside of the machine and attach their system to the ATM. They can then control the system remotely and dispense as many as 120 bills per minute to “jackpotting mules” who collect the money.The Secret Service is now issuing warnings about the spread of jackpotting, and organized criminal gangs are targeting stand-alone ATMs in pharmacies, big box retailers and drive-thru ATMs. And, of course, thanks to the anonymity of the dark web, criminals can easily purchase the software and equipment necessary to pull off the schemes.While still in its infancy here in the states-- in a recent week there were six attacks that stole just over $1 million-- jackpotting is quickly establishing itself as one more fraud tactic that businesses and citizens will have to watch out for. The good news in this case is that the ATMs, when hacked, appear as out-of-order to consumers. At least we won’t insert our cards and we won’t lose our data. The bad news is that institutional losses often get passed to us in the form of higher fees and more complex processes. As usual, we all pay in the end. The Dark Web, Illicit Sales, and Law Enforcement Efforts to Combat Illegal Markets While I don’t often review books on this blog, I feel compelled to share my thoughts on American Kingpin by Nick Bilton, which chronicles the history of the Silk Road. For those who don’t know, the Silk Road was a market on the dark web that sold drugs, weapons, poisons, and even human body parts. By the time it was shut down in 2013, the site was selling over $1 billion per year.The book offers fascinating insights into the dark web, the libertarian creator of the site, the investigators who worked to shut it down, and the political schisms that often make it possible to run sites like the Silk Road. And of course, the book has great relevance to the fraud detection business because fraudsters often acquire identities on the dark web to create fictitious businesses, file for tax refunds, and make fake unemployment insurance claims.While American Kingpin ended with the shutdown of the Silk Road and the prosecutions of the major actors behind the market, it is important to note that similar sites continue to operate on the dark web. In fact, just days after I finished reading the book, Attorney General Jeff Sessions announced that the FBI had shut down a similar site 10 times the size of the Silk Road. At the time this site was shut down last month, it contained 369,000 listings for drugs, weapons, malware, chemicals, counterfeit items, and more.This is a sobering reminder of the challenges facing law enforcement when dealing with anonymous browsers like TOR, the Bitcoin cryptocurrency, and international crime rings. The dark web is not going away. Neither is the demand for illicit items. It will be interesting to see how this “cat and mouse” games plays out over the coming years. Comment (0) Comments are closed.