In today's post-COVID landscape, where remote work is commonplace, the risk of employment-related fraud has surged, posing significant challenges for organizations worldwide. At the 35th Annual ACFE Global Fraud Conference, Christopher DeAngelis, CFE, vice president of enterprise fraud strategies at Zellis, addressed this pressing issue in his session titled, "Are You Sure Your Remote Employee is Real?" 

DeAngelis opened the session by highlighting a 2023 study by InCruiter, which revealed a stark increase in virtual interviews, with 90% of companies now incorporating them into their hiring processes compared to just 25% before 2020. This shift has inadvertently created opportunities for fraudsters to exploit vulnerabilities in remote hiring practices. 

Employment-Related Fraud 

The discussion centered on various forms of employment fraud, categorizing them into three main types: third-party bad actor targeting victims for theft or manipulation, employer-driven fraud affecting employees and fraud committed by employees against their employers. DeAngelis illustrated these with real-world examples, emphasizing the evolving tactics used by fraudsters. 

One notable example he cited involved a recent case in Arizona where a woman was charged with fraud for allegedly helping foreign IT workers using stolen identities to pose as Americans and gain employment with U.S. companies. The case underscores the sophisticated methods employed, from using actual identities to identity theft and creating synthetic personas. 

Infiltration Methods and Motivations 

DeAngelis also discussed infiltration methods such as identity illusion and interview proxies, where fraudsters manipulate the hiring process to gain unauthorized access or benefits. He illustrated these with cases from rental car companies, where insider access facilitated fraudulent activities like shipping exotic cars overseas under false pretenses. According to DeAngelis, “There is a really big market for fraudsters to exploit rental cars. The obvious one that you think of is rent an exotic car — expensive car — and drive it off the lot and take it to a port, put it on a shipping container and ship it overseas.” However, he clarifies that with this case, and in more common cases, people often rent cars fraudulently because they need new tires. 

In addition to infiltration methods, this session also delved into the motivations driving employment fraud, including financial gain, insider access and retaliatory actions, highlighting the diverse impacts on organizations, from financial losses and wasted resources to breaches of security and reputational damage. 

Case Study 

A compelling case study presented by DeAngelis illustrated the intricate nature of employee fraud. He explained that this case involved a hired employee who was sharing details about their job, including proprietary information, in online communities, forums and chats. This employee was allegedly soliciting advice on performing job duties for a technical role, even for basic tasks. 

To uncover the truth, DeAngelis outlined the steps taken to verify the employee’s authenticity. They investigated the employee’s email activity, internet usage and system actions. Their findings pointed to potential employee fraud, suggesting that this individual was a true bad actor, unqualified for the position they were hired for. Although the employee was a real person, they had fraudulently accepted a job they weren’t qualified to perform after being sourced by a placement firm for a contracted role. 

Further investigation revealed a crucial detail: The employee’s spouse had an extensive job history consistent with the role the employee was hired for. This led to the classification of the case as “spouse sourcing,” where one spouse, lacking the necessary qualifications, secures a job and relies on the other spouse’s expertise to perform the duties. This deceptive arrangement ultimately led to the employee’s termination.  

Internal Fraud Prevention 

To mitigate the risks associated with employment fraud, DeAngelis outlined crucial steps organizations can take. These include thorough vetting from sourcing to hiring, implementing internal fraud programs, utilizing vendor solutions for multiple integration points in the hiring journey, and establishing tip lines for reporting suspicious activities. 

Emphasizing the proactive role of internal fraud teams, DeAngelis highlighted their importance in detecting and preventing fraud within organizations. He noted that some organizations might ask, “Why do we need to worry about internal fraud? We have never had a case of it.” DeAngelis then gave an analogy as a response to this question and said, “I would say ‘Has your house ever burned down?’ And they would say ‘No,’ and I would say, ‘But you have smoke alarms, right?’ You need to have something in place that if something were to occur, you could find it.” This analogy underscores the necessity of having internal controls and measures even if internal fraud incidents haven’t yet occurred. 

DeAngelis urged organizations to remain vigilant in verifying the authenticity of remote employees, advocating for robust internal controls and proactive fraud prevention measures. As the landscape of remote work continues to evolve, the need for diligence in identifying and addressing potential fraud risks becomes increasingly imperative. By staying informed and implementing comprehensive strategies, organizations can safeguard against the complexities of remote employment fraud, ensuring the integrity of their workforce and protecting their operations from unforeseen vulnerabilities.