17 April Tax Fraud on the Dark Web April 17, 2017By Jon Coss - Blog Manager General Darkweb, Identity Theft, SPAM, Tax Fraud 0 It’s April, which every year brings more news about tax fraud scandals. The news this year, however, is even more disturbing than expected. IBM’s X-Force threat intelligence group released a report last week that showed a 6,000% increase in spam emails designed to steal information from W-2s and other tax documents. Last year, these criminals “earned” over $3 billion through similar scams. And if you were one of the victims, then you are already familiar with the hassles of having your return stolen or a completely false one filed using your identity.The continuing use of the Dark Web is a major factor behind the acceleration in this form of cybercrime. Stolen identities that include tax information are currently fetching around $40 on illicit marketplaces. While this may not seem like much, it is extremely lucrative when a fishing scam succeeds at stealing thousands of identities. So lucrative, in fact, that would-be scammers can even visit the Dark Web to buy online tutorials on how to perpetrate tax fraud.Popular scams this year include sending emails that appear to be sent from TurboTax and other tax preparation companies. The hope is that you respond because you use that tax service. So-called spearfishing scams are also targeting corporate human resource departments. They will often send an email to an HR manager, seemingly from a member of the company’s executive staff, requesting W-2 and other tax information on the company’s employees.Cybercriminals will continue to hone their skills resulting in more convincing emails and websites. They will continue to take advantage of technologies that allow them to increase the number of outbound messages. And they will continue to learn and share new techniques on the Dark Web. This means that all of us, as businesses and as private citizens, need to step up our efforts to protect data. These days, it’s no longer just “a fool and his money” who are soon parted. Related Posts Why It’s Important To Be Nimble When Fighting Fraud Fighting fraud is an interesting challenge. When an organization shuts down a fraud scheme, bad actors don’t suddenly become good citizens. Rather, they evolve. They evolve by designing and testing new methods that, when they succeed, are exploited until they too are detected and shut down. In fact, many of the more enterprising fraudsters proactively try out new methods to avoid any “breaks in revenue”. This constant game of “whack-a-mole” is well known to program integrity staffs.This ever-changing nature of fraud schemes demands an ever-changing detection system. If an organization’s fraud detection methods look more or less the same as they did the year before, I can almost guarantee you that their fraud rates have returned to the levels prior to the introduction of the detection systems. Bad actors will simply find another way to conduct their business.For these reasons, it is important to be nimble in fighting fraud. Complex technologies and massive data warehouses will lose effectiveness over time. If it takes a year to negotiate a change order, to deploy new technologies, or to integrate new data sources, literally billions of dollars in improper payments can be lost. The trick is to stay even with or just a “step” behind the bad actors, not miles behind.While all state agencies want to choose the right partner to help them with their fraud detection efforts, I would challenge them to ask themselves the following questions: How easy is the company to work with? How willing will they be to incorporate new technologies (even if not their own)? How important is fighting government fraud to their company versus everything else they do? How passionate are they about the problem? Honest answers to these questions will reveal a lot about the future success of your efforts. Congress Turns its Attention to SNAP Trafficking Fraud A few months ago, I wrote an article offering our support to the USDA Food and Nutrition Service (FNS) as it rolls out a new program offering online access to groceries for Supplemental Nutrition Assistance Program (SNAP) recipients. My main concern with the new initiative was that FNS cannot provide an accurate SNAP fraud rate because of unreliable data coming in from the states. And we all know that offering goods and services online presents even more opportunities for fraud.Now Congress is asking FNS additional questions in a letter sent to them on February 8th. Outlining the lawmakers’ concerns, the letter points out that as many as 10% of retailers who accept SNAP EBT cards participate in illegal trafficking schemes. These schemes pay recipients a discounted amount of cash or unapproved grocery items in exchange for their cards. They go on to point out that total annual fraud in the program is over $858 million.The massive size of the SNAP program is one of the major reasons, historically at least, it is so difficult to detect fraud. In 2016, the program distributed $67 billion in benefits to 44 million Americans through 260,000 authorized retailers. Interestingly though, as much as 85% of the retailer fraud is committed by small grocery and convenience stores, or even flea markets like the one in Opa-Locka, FL that we recently wrote about.With the advent of cloud computing and advanced analytics solutions, FNS now has access to the tools required to make a real difference in their fight against fraud. And by addressing the retailer side of the equation, they will also find, through association, many of the fraudulent individuals in the system as well. It would certainly make sense for FNS to leverage modern fraud detection technologies at the same time that they offer online access to groceries.It is also important to note that the number of SNAP program retailers and recipients, while large, is very manageable. Consider that at Pondera we’ve performed equally complex fraud analytics on Medicaid programs with as many as 200,000 providers and Unemployment Insurance systems with over 1,000,000 employers. And when one considers that the overwhelming majority of SNAP trafficking fraud occurs in a concentrated subsection of small and medium retailers, the problem becomes even more manageable. Ugly Case of Health Care Fraud A few weeks ago, I published a blog post titled “Money Obtained Fraudulently is Rarely Used for Good Purposes”. In it, I made the argument that government fraud is a serious, and at times very ugly problem. Now I no longer have to make that argument because the United States Justice Department is making the argument for me.Last week, the Justice Department announced the largest health care fraud case it’s ever prosecuted; one that defrauded over $1 billion over the past 14 years. The alleged perpetrators of the fraud are said to have leased private jets and chauffeured limousines. One even bought a $600,000 watch! Remember, this is your tax money we’re talking about. The system ran on a complex network of bribes and kickbacks.And if that’s not enough, here is one of the schemes they allegedly ran. They “treated” seemingly healthy, elderly people with medications they did not need in order to create addictions which would lead to further treatments. Pure evil. Unfortunately, fraudsters are most active where large amounts of money meet vulnerable populations. This is yet another example of that and more reason for us to do what we do. Ebola Relief Fraud As a country, we have become accustomed to reading stories about fraud in healthcare, financial services, and government programs. It doesn’t make it right, but it’s certainly not new. Now though, news comes from the American Red Cross that $5 million of Ebola relief funds were fraudulently disbursed on overpriced supplies, fake customs bills, and even non-existent aid workers. These scams will be familiar to regular readers of this blog as they are similar to scams run against domestic subsidy programs. But Ebola relief efforts?Between 2014 and 2016, Ebola raged through parts of Africa, claiming over 10,000 lives in Liberia, Sierra Leone, and Guinea. In response, the Red Cross collected and distributed over $100 million in aid, while doctors, nurses, and other volunteers risked their lives to save those suffering or at risk from the disease. Into this tragedy, naturally, came the fraudsters who recognized an ideal opportunity given the large amounts of aid money and the necessarily lax controls over disbursements.Now the Red Cross finds itself having to apologize to donors who realize that 5% of their contributions were stolen. While I don’t know all the details about the Red Cross’s financial controls, I can only imagine how difficult a task it was to make sure money was distributed quickly to only well-intentioned people and organizations.If anything, I believe this is one more reason for strong enforcement of criminal fraud after it has been committed. Trying to prevent fraud by adding bureaucracy and controls to the funds distribution process would likely add to delays during an emergency. Rigorous investigations and strong prosecutions, on the other hand, could act as a deterrent to future fraud. If not, at least it would prevent these fraudsters from plying their “trade” during other disasters. Binary Nature of Fraud Big data analytics and the predictive engines they spawned give Internet companies a way to monetize the online experience. By tracing online behavior, companies can target advertising, promotions, and point of sale opportunities based upon past buying decisions. Online habits of Web users can be associated with ideologies, interests, and values. Increasingly sophisticated probability engines predict future buying decisions with enough accuracy to fuel a dramatic increase in online sales and commerce over the past decade. Analysts use temporal versions of these tools to forecast market trends and evaluate risk.In the fraud detection market however, early attempts to detect fraudulent behaviors using these same probabilistic engines have achieved limited success.What makes detecting fraud different than detecting interests, values, and ideologies? The simple answer: Fraud is binary in nature–either a particular sequence of behaviors is fraud or it is not. For example, if an individual provider of medical services submits claims to an insurance company for 5,000 hours of services in a week (an instance from actual data), there had better be around 100 employees licensed to provide that service. If there are only three or four employees with the required licenses, the provider has committed fraud. Probabilistic engines struggle to detect fraud because they are not capable of modeling this“all or nothing”nature of violating a law.At Pondera, we still make use of predictive analytics. But rather than detecting absolute fraud, we use the algorithms mostly to inform our fraud scores and to detect emerging fraud methods.Once reliable methods of detecting fraud have been developed, predictive engines can also play an important part in helping insurance companies, financial institutions, and government agencies prioritize targets of investigation. Predictive models can identify the highest value targets that will recover the most money or disrupt the largest criminal organizations. Cigarette Fraud Last week we wrote about charges being brought against a group of alleged fraudsters in California that were trucking thousands of cans and bottles into California to collect the state’s recycling refunds. This week, just so no one feels left out, we’re bringing you a story from the East Coast that deals with cigarette fraud. That’s right… cigarette fraud.As you probably already know, the price of cigarettes varies dramatically from state to state because of the taxes imposed by each state government. For example, in Virginia, where the state has an excise tax of only $0.17 per pack, the average price for a pack of cigarettes is $5.25. New York, on the other hand, adds taxes of $4.35 per pack helping to drive the average price per pack to $12.85. That’s a difference per pack of $7.60.So what does an enterprising fraudster do? Buy cigarettes in Virginia and sell them in New York of course. This is illegal but it apparently didn’t prevent a 26 year old man from driving through Pennsylvania with 7,750 packs of cigarettes purchased in Virginia. That’s over 150,000 individual cigarettes so likely not just for his personal use. That might explain why the Pennsylvania state trooper who pulled him over said the driver was “very nervous, shaking and avoiding eye contact with me at all cost.”The man is now free on bail but facing felony charges. I guess you never know what’s in the truck you pass on the freeway. Last week it was aluminum cans and plastic bottles. This week it’s thousands of cartons of cigarettes. Next week? Comment (0) Comments are closed.