Article

Fraud and Computer Forensics

Sad to say, but we live in an age when committing an act of fraud or exploitation is as easy as a key stroke, but with the proper protocols in place, criminal activity against a company can be mitigated.

Learn More
< Back to Insights
Insights  <  Fraud and Computer Forensics

Sad to say, but we live in an age when committing an act of fraud or exploitation is as easy as a key stroke, but with the proper protocols in place, criminal activity against a company can be mitigated.

Fraud investigations can be a painstaking and lengthy process, with computer forensics playing a large role in most of these criminal probes. In fact, our litigation support services team employs computer forensics in nearly every fraud assignment we receive.

Obtaining e-evidence is critical to an investigation, often resulting in proof positive of guilt or innocence. Evidence in financial files can indicate fraud or IRS violations, but the key is knowing what to look for and where to find it.

Forensics investigations typically begin with a computer’s hard drive – the gold standard in locating every file ever created, saved, downloaded, sent or deleted on a PC or laptop. But in the absence of access to the computer there exist many other options with which to foil a perpetrator, whether or not a wrongdoing was intentional or inadvertent. The cloud or a flash drive provides entry to all stored and deleted material, as does a cell/smart phone or some other personal digital assistant device.

Breaches and resulting fraud can occur no matter how stringent the policies and procedures put in place to prevent these acts. Sometimes, the chief violator of a company’s protection policies is its own IT personnel, whose good intentions can result in exploitation from the outside. As example, a CEO contacts the company IT department head on a Sunday night seeking access to the company’s system. In an attempt to please the boss and provide remote access quickly, some protocols may be diverted, leaving the company’s entire network an open target.

Regardless of breach protocol strength, a company’s Achilles heel may be vendors. If they have access to the information you’re trying to protect, those protective procedures have to be just as strong with vendors as they are with your staff.

The human factor is a significant part of the investigative process. The breach has been detected, but now comes the exploratory element. Was it targeted from the outside or was it an exploited “inside job?” Here is where updated background checks on both your staff and vendor personnel enter the picture. Your HR department may have done due diligence with CORI, etc. checks when people came on board, but have there been updated checks?

Social media is another spoke in the potential fraud roulette wheel. Employees may unintentionally include sensitive information about the work place on their Facebook, Instagram, or other social media accounts, opening up the company for any number of security breaches. And it’s not just what an employee posts that could lead to vulnerabilities – cyber criminals will also scrutinize reply posts from friends that might contain valuable information.

Phishing, blast emails, a too-quick link-click – all these “invitations” can lead to a virus that could temporarily shut your business down or worse. The importance of mandatory staff training to educate employees on the dos and don’ts of electronic communication cannot be overstated.

Sad to say, but we live in an age when committing an act of fraud or exploitation is as easy as a key stroke, but with the proper protocols in place, criminal activity against a company can be mitigated.

Continue the Conversation with Our Team
Get in touch with us.

Contact Us