Welcome to the Pondera FraudCast, a weekly blog where we post information on fraud trends, lessons learned from client engagements, and observations from our investigators in the field. We hope you’ll check back often to stay current with our efforts to combat fraud, waste, and abuse in large government programs.
I read with great interest a recent article about card skimmers that were found at “The Stop and Shop” gas station where I often fill up my tank. While they were discovered relatively quickly, more than a dozen customers were scammed. Several of them had their entire bank accounts wiped out.
Skimmers, for those of you that are not aware, are malicious card readers that take data from your credit or debit card’s magnetic stripe. The data is stored on a drive where it is stolen, requiring the fraudsters to return to pick up the data files. They can then clone your card or just steal directly from your accounts. What makes them so effective is that the skimmers don’t interfere in the actual transaction, making you think that you’re just filling up your tank like you have hundreds of times before.
Turns out that skimmers are growing both in popularity and sophistication. Through the first half of last year alone, skimmer use grew 21% which was on top of high growth rates the year before. In Florida, authorities found 315 skimmers during this time period, triple the number found in the same period the previous year. Considering that 29 million people use credit or debit cards to pay for gas every day, this is certainly a rich target market for fraudsters.
To take advantage of this opportunity, fraudsters continue to improve the skimming devices. They are now almost undetectable by the average citizen. So what do we do to keep our information safe? Authorities suggest visually scanning the card readers for anything unusual, tugging on the reader to see if it is loose, and checking for forced entry into the pump itself. There are even smartphone applications that use Bluetooth to help discover skimmers. Of course, you can also simply pay the attendant for your gas.
This is just one more case of honest people being inconvenienced, at best, or ripped off, at worst, by tech-savvy fraudsters. And because the use of skimmers is sure to increase over the next several years, we all may want to think twice about “paying at the pump”.
Several months ago, we wrote a post about the self-proclaimed “Mr. Social Security”, Kentucky attorney Eric Conn, who fled prosecutors in the face of a 12-year prison sentence. Conn had concocted a scheme where he bribed a judge and a psychologist to defraud the Social Security Administration out of $550 million. The colorful Mr. Conn made flamboyant claims on television ads and attended events with “Conn’s Hotties” (his words, not mine) to drum up business.
After cutting off his electronic monitoring ankle device in June, Mr. Conn had been spotted in various locations around the western United States. Now, it appears his days on the lam have come to an end as Honduran authorities arrested him outside a Pizza Hut restaurant. U.S. authorities are now working to extradite him back to this country.
While Mr. Conn’s experience certainly contains elements of humor, Social Security Fraud is a serious subject. Recent estimates peg the annual amount at around $10 billion per year. About half of this is in Mr. Conn’s “specialty” area of retirement, survivors’ benefits, and disability insurance.
At a time when people are replacing credit cards and ATMs with their smart phones, it seems that California is recommending increased use of armored cars. The reason? On January 1st, recreational marijuana will be legal in California but still illegal at the federal level requiring marijuana business to pay their sales taxes in cash.
The issue is that banks are still unsure of how to handle marijuana businesses’ money without being subject to prosecution for issues like money laundering. The Justice Department has issued “guidelines” to banks on how to avoid prosecution but most banks don’t consider guidelines as legal protection. And not surprisingly, the guidelines are confusing and incomplete. This leads to a cash-based business, which in turn creates the potential for fraud, money laundering, underreporting taxes, and a whole host of other issues.
In California, the marijuana industry is expected to grow to as much as $7 billion a year in revenues. In anticipation of this, State Treasurer John Chiang formed a task force to figure out how to collect and transport the funds. Their recommendation, among others, was armored cars. Ugh. But who can blame them? Colorado tried to set up a credit union specifically for the marijuana industry but it was denied by the Federal Reserve in 2015. So, there’s not a lot of great options out there.
I, for one, will be closely watching the rollout of legal recreational marijuana. With a healthy tax of around 15%, a University of California Agricultural Issues study claims that 29% of marijuana users may choose to buy the drug illegally. Those sales likely won’t be reported, won’t be taxed, and won’t end up in armored cars.
Anyone who has recently attended college or has a family member in college likely has some familiarity with student loans. In fact, 40 million Americans currently have student loans totaling an astounding $1.2 trillion dollars. Many of those who have applied for loans have been victimized by methods such as “advanced fee scams” that promise the best rate for an upfront service fee, or the ever-present loan elimination scams.
With easy access to stolen identities, fraudsters are now targeting the more lucrative loans themselves. Using stolen IDs, they enroll in classes which they, of course, never attend. Loans are made by the government, payments are not, and the unsuspecting “owner” of the loan goes into default when the fraudsters don’t make their payments.
In Grand Rapids, Michigan, a man was indicted last month for this exact scheme. He faces up to 20 years in prison for allegedly using stolen IDs to steal $150,000 in loans and grant aid. A quick check of the government’s paymentaccuracy.org website shows that he is not alone. Between the William D. Ford Federal Direct Loan Program and the Federal Pell Grant Program, $6.1 billion was improperly paid in 2016 alone.
While many of the improper payments are made to people who simply do not qualify based on income, an increasing number of loans are being made to outright fraudsters. Some estimates place the number of known fraud ring participants as high as 85,000 people. This victimizes the taxpayer, of course, but even more directly the person whose identity is stolen. It can take months or even years to clean up your credit. That’s one lesson I hope I never need to learn.
A recent spate of high profile arrests of dentists is drawing attention to an often-overlooked segment of Medicaid fraud. Some unscrupulous dentists are exploiting gaps between what private insurers reimburse versus what Medicaid will pay for. Others are just brazenly breaking the law to rip off state Medicaid programs.
Consider these recent charges brought against dentists:
An Anchorage, AK dentist was charged with 10 felonies. His “care” included performing a tooth extraction while videotaping himself on a hoverboard. Naturally, he had to text the video to friends. He is also accused of giving expensive, and unnecessary, IV sedations to Medicaid patients and then performing unneeded procedures on his passed-out patients. Since private insurance rarely pays for IV sedation, he only performed this fraud scheme on his Medicaid patients.
A Fairfield, CT dentist who saw mostly elderly and indigent patients is accused of ripping off more than $900,000 from Medicaid by billing for services that he never performed. One hint that he may have not been acting honestly: he billed for both a cavity filling and denture procedure on the same tooth!
An Atlanta dentist was sentenced to 18 months in prison earlier this year for defrauding nearly $1,000,000 from Medicaid. Her unique talent included the ability to perform dental procedures in Atlanta while she was traveling out of the country.
Unfortunately, these cases simply support our premise that fraud will exist anywhere substantial amounts of money are exchanged in complex billing and regulatory environments. These, and other similar cases, serve as a warning that we must monitor literally every medical specialty reimbursed by Medicaid.
In their never-ending quest to circumvent the law, unscrupulous business owners are now adopting the use of so-called “zapper” software to avoid paying sales taxes. Zapper software automatically deletes a portion of cash sale transactions and then automatically reconciles the business’s back end finances to make it appear that the businesses paid the appropriate amount of taxes. This scheme reduces tax collections for governments and passes the burden to the vast majority of businesses who choose to act within the law.
Thanks to a crackdown by federal and local officials, recent arrests include $1 million in unreported sales at Cesar’s Restaurant in Lakeview, IL (home of the “killer margarita”) and $800,0000 at the Lao Sze Chaun restaurant in Milford, CT. However, a simple Google search will reveal that almost no city is immune to the zappers.
Zapper software is so popular that some businesses are now starting to offer it to their clients. In December, for example, a Canadian man pled guilty to selling zapper software to eight restaurants in the Seattle area leading to $3.5 million of taxes avoided. It is alleged that his company, which sells Point of Sale (POS) software, also sold the illegal zapper software through a subsidiary in China. After the sale of the software, they even offered to support their customers with their ongoing efforts to defraud the government.
Zapper software, while somewhat novel, is just another attempt to apply technology to skirt the law. And while law enforcement training and targeted audits will surely help detect some of these modern-age fraudsters, analytics that use peer comparisons, spike indicators, and other statistically rigorous detection methods can also help detect the problem early. Like the old saying goes, it takes fire to fight fire.
As the residents of Houston and surrounding areas continue to struggle with the devastation caused by Hurricane Harvey, history shows us that problems will continue long after the homes and businesses have been repaired. Every large natural disaster in this country follows the same pattern: destruction brought on by the disaster, followed by looting and price gouging, followed by huge amounts of fraud committed in the chase for assistance money.
In Texas, all three seem to be occurring at once. We’ve all seen the heartbreaking images and videos of families who have lost everything, unfortunately including those who lost their lives. We’ve also seen the inspiring stories of ordinary people that risk their lives to help a neighbor, a stranger, or a lost family pet.
Now, of course, the looting stories are beginning to circulate. In this case, it appears that law enforcement is doing all that it can to protect life and property, including announcing mandatory jail time for all thieves and burglars. However, the scammers are wasting no time setting up Facebook pages and sending out tweets with links to “relief organizations” that are actually designed to steal money from those who want to help.
I have no doubt that this fraud activity will only increase. Consider these examples following previous disasters:
- Dozens of people were convicted of using fraudulent psychiatric claims following 9/11 to steal up to $50,000 per year in Social Security disability payments.
- A New Jersey man was one of hundreds to receive relief funding (in his case $171,099) after falsely claiming his primary residence was a home damaged by Hurricane Sandy.
- An Alabama woman filed 28 claims for disaster assistance in 5 states following Hurricane Katrina.
Unfortunately, fraud thrives at the intersection of vulnerable populations and large amounts of money. And Hurricane Harvey creates this intersection by displacing so many families, by invoking a government response, and by tapping into the giving spirit of caring Americans.
Even more unfortunate is the fact that most of the fraud will go undetected and unprosecuted. Consider that the vast majority of the 22,000 cases of potential fraud passed to the government's Katrina task force were never prosecuted. And it is likely that FEMA collected less than 5% of the estimated billion dollars of fraud following the Hurricane. Only by increased enforcement and stricter sentencing will we be able to break this heinous pattern. And, to me at least, this is a pattern worth breaking.
It has been an interesting few weeks for the Supplemental Nutrition Assistance Program (SNAP), formerly known as the Food Stamp program, with two high profile busts. Both cases illustrate common schemes used to defraud the SNAP program, which distributed over $70 billion in food-purchasing assistance last year to 44 million Americans.
In Georgia, two convenience store owners used stolen identities to apply for SNAP benefits which were then loaded onto EBT cards (similar to credit cards) and mailed to addresses they controlled. Once received, they swiped the cards at their own convenience stores and pocketed over $800,000 before being caught. The U.S. Attorney assigned to the case said, “They used the SNAP system as an ATM for their personal gain, diverting critical benefits that help those who need assistance in our communities.”
Then, in Delaware, seven case workers at the Department of Health and Social Services were indicted for creating 100 fake accounts and cashing $959,000 in benefits. After creating the accounts, the case workers had the EBT cards mailed to state service centers where they simply intercepted them and used the cards themselves. Their scheme was detected when a supervisor noticed incomplete application data for one of the cards.
The Georgia case illustrates just how easy it can be (at least for a time) to use stolen identities to defraud government programs. Even if the suspects hadn't owned the convenience stores, it would not have been difficult for them to find one that would pay them a discounted price in cash for their cards.
The Delaware case is one we commonly see across states and programs where unscrupulous employees use their knowledge of the system to defraud their own government agency. Large amounts of money, combined with loose supervision, often prove too tempting for those with questionable morals.
A quick check of the government’s fraud reporting website, paymentaccuracy.gov, reveals that improper payment rates for SNAP are still not posted because of reporting problems. I look forward to updated numbers when they are available because even a small number like the 3.2% reported rate for 2014 translates to over $2.2 billion per year in improper payments.
After one of the nuttier fraud busts in recent memory, the FBI is searching for former Kentucky attorney Eric Conn, who recently pled guilty to committing over $600 million in Disability Insurance fraud. For 10 years, Conn perpetrated his scheme by bribing a doctor and several judges to approve his clients’ disability claims. In all, he represented 1,700 of these claimants.
After pleading guilty and securing his $1.25 million bail with the equity in his home, the appropriately named Conn simply cut off his GPS monitoring bracelet and skipped town. He unfortunately had to leave behind his mobile home law office including his replicas of the statue of Liberty and the Lincoln Memorial he kept out front.
In his time as an attorney, he hired B-list celebrities for television commercials and described himself as “Superman without a cape” ... and without a conscience apparently. He even performed rap songs in English and Spanish, claiming that he learned Spanish off a tape.
Two aspects of this case really bother me, outside of the crime itself of course. One is that Conn could commit such brazen fraud over a period of 10 years without being prosecuted. The other is that his bail was set low enough that he was easily able to take off.
Both of these facts illustrate the struggles that many of our clients face when dealing with fraud. Until we, as a country, decide to provide more funds to quickly detect fraud and decide to impose more serious penalties to those who commit fraud, we’ll continue to read about these cases. For now, I can only hope that the FBI catches up with Conn before he is able to do more damage.
I read with great interest the story this month about a woman who cheated her way to a second-place finish in the Fort Lauderdale half marathon. After posting a time of 1 hour and 21 minutes, the website www.marathoninvestigation.com revealed several problems with the woman’s results including: the race statistics she posted to a website were manually entered (versus those calculated by her GPS), a second set of results she posted seemed more consistent with a bike ride, and a zoomed photo of her post race wristwatch revealed that she ran only 11.65 miles of the 13.1 mile race. This evidence led to an admission and apology by the runner.
What I find interesting about this incident is how indicative it is of the ever-increasing power of data. While runners collect data to help them train and perform better, it can also be used to uncover cheating and fraud. This is no different in government subsidy programs, like Medicaid and welfare systems. Governments collect data to help them improve service delivery to their constituents, and with modern technologies, the data can also reveal fraudulent anomalies and patterns.
Of course, bad actors who want to defraud programs are aware of the increased use of data to catch them. Gone are the days when they can blatantly abuse government systems knowing that the size and complexity of the programs would make it nearly impossible to catch the cheats. In running, who would dare to repeat Rosie Ruiz’s 1980 Boston Marathon “victory” where she was spotted riding the subway with her runner’s bib?
Instead, bad actors often “fly under the radar” – stealing smaller amounts over longer periods of time to avoid being noticed. Second place in the Fort Lauderdale Marathon is certainly “under the radar” compared to a victory in the Boston Marathon.
So, now that our fraud detection capabilities can catch bad actors who boldly fly above the radar and those who strategically fly below the radar, one would hope that it would lead to decreases in fraud attempts. But I also know that making fraud harder to commit rarely turns fraudsters into honest and contributing members of society. It just makes them work harder. This simple fact provides us with the incentive to continually improve on our technologies and approaches. This is one war we fully intend to win.