Using Social Media to Give You an Edge in Investigations


A quick search on my social media networks would tell you where I work, who my family members are, where I went to college and who my 5 year-old claims to be her “boyfriend.” Yes, social media is full of seemingly useless information like cat memes and time-lapsed cooking videos. But, what if all of those small, meaningless pieces of information added up to something bigger? According to Diana Ngo, those “crumbs” can each or all lead to that competitive edge you need when working on a fraud examination. “Social media gives me that competitive edge in investigations,” Ngo said. “It gives you a crumb that you can follow.”

Ngo is an Associate Director at Blackpeak Group, where she manages complex reputational and investigative enhanced due diligence projects. She also led the breakout session at the 28th Annual ACFE Global Fraud Conference titled, “Using Social Media for Investigative Purposes” where she highlighted the following ways you can use social media in your investigations:

  • Source of wealth research for on-boarding clients
  • Asset identification research for asset-seizing court orders
  • Whistleblower investigations for employees having undisclosed interests via family members
  • Investigating misrepresented personal or business relationships

According to Ngo, law enforcement uses social media for 80 percent of its investigations. While there may seem like an endless list of sites to consider, she highlighted the top areas of coverage to pay specific attention to:

  • WeChat: China’s Facebook. Best for finding sources. Pro Tip: You can use keyword searches for all public accounts.
  • Weibo: China’s Twitter. Pro Tip: Look at followers of a person and the people they follow for connections.
  • Instagram: A photo-sharing network. Fastest-growing application with most active users 18-29 years old. It is extremely popular in the Philippines and Singapore. Pro Tip: Every single photo has a timeline, so you can build timelines around posts.
  • Facebook: Members have the most active internet users. Pay close attention to the privacy settings: they are complicated and change frequently. Pro Tip: Use their strong search engine. You can search down to “men who went to the UCLA, live in New York and work at Deloitte.”
  • LinkedIn: Professional networking site. Made up of more males than females, people of higher incomes and higher education levels. Pro Tip: You can change the settings on your account to search anonymously.

Ngo reminded attendees to not solely rely on the information you find while scrolling and searching. According to Ngo, you still have to confirm everything you find because social media is managed by individuals. And those individuals, like us, want to represent themselves in the best way possible online. I mean, no one is going to post a video of themselves with piles of jewels and brag about a crime they committed, right?

Wearables Strike Again: Deceased Woman’s FitBit Used to Solve Her Murder


Jeremy Clopton, CFE, CPA, ACDA
Director, Forensics and Valuation Services

In what seems to be a pattern in investigations, a deceased woman’s FitBit was used to help solve her alleged murder. In this situation, the data from the FitBit, as well as social media activity, was used to disprove an account of events provided by her husband.

This story illustrates how data beyond the obvious can be used in investigations of all types. The same mentality can be beneficial to fraud examiners as well. The key is to consider all the potential data points available to help in an examination. 

Let’s consider a financial statement manipulation scheme. While you may know the user ID that posted the entry, it is important you look even further for evidence of who actually posted it. Other relevant data points may include:

  • Date/time the entry was posted
  • Workstation from which the entry was posted
  • User ID typically associated with that workstation, compared to the user ID posting the entry
  • Was the user signed in remotely or in the office?
  • Who was in the office on the date/time the entry was posted (badge access records)?
  • Was there email activity or other digital activity on the workstation?
  • Who actually logged in to the workstation from which the entry was posted?

Clearly there is a lot more information than just the date, debit/credit, account number and amount. As you approach your next examination, consider the following:

  • What is the alleged scheme?
  • What other data can help me determine what happened or who was involved?
  • Are there data sources to help corroborate or refute the allegations?
  • Do the patterns of activity match our expectations?

I’m not saying a FitBit and social media will help solve your next investigation, though I am confident there is quite a bit more data out there you may find useful to your case.

You can hear Jeremy speak on how to effectively communicate complex data next week at the 28th Annual ACFE Global Fraud Conference, June 18-13 in Nashville.

Resolve to Protect Yourself From Fraud in 2016


Sarah Hofmann
ACFE Public Relations Specialist

At the beginning of a New Year, many people set goals to embark on a healthier lifestyle. But while you promise to exercise more, or eat less junk food, it is wise to take some time to think about how healthy you are in regards to fraud. All consumers are susceptible to fraud, but many don’t know simple steps they can take to protect themselves. Here are a few simple things you can do in 2016 to protect yourself:

Pay attention to the features of your credit card
On October 1, 2015 all major credit cards in the U.S. were supposed to be switched from using a magnetic strip for authentication to using an embedded EMV chip. In theory, this change is supposed to add an extra layer of security as the embedded EMV chip would create a unique code for each transaction as opposed to just imparting the full credit card data. However, according to a survey, more than 40 percent of consumers had yet to receive EMV cards by the October 1 deadline. In addition to card issuers not sending the new cards, many Americans mistook mail containing the new cards as junk mail and threw them out.

Since transactions using chip cards are harder to hack, fraudsters will no doubt focus much more heavily on stealing data from transactions using only magnetic strip technology. If you have not received an EMV chip card from your card issuer, or if you believe you might have accidentally disposed of the card, it is important to contact the card provider right away and request that a new copy be sent. Also, if possible, try and shop in stores that have working chip-readers integrated into their point-of-sale system. The technology is not fool-proof, but it will be more likely to protect against avoidable data theft.

Be more careful about what you post on social media
It seems like everyone is now using some form of social media on a daily basis, whether it be Facebook, Twitter or LinkedIn. While these can serve as good tools to keep abreast of the lives of friends and family, or to maintain professional connections, they can also help hackers who are trying to steal identities. Something as simple as putting your full birthdate on any social media can allow fraudsters to hack into your important financial accounts. 

Some important rules to abide by include never posting your full birthdate, primary email address, hometown, driver’s license number or social security number on any public forum. It is also a good idea to have one constant answer to security questions that is not a logical answer (for example, answering “porcupine” to every question, regardless if it asks what city you were born in, mother’s maiden name etc.) Changing passwords frequently can help, as well as avoiding common password themes such as the names of pets, children or spouses. Another tip is to avoid installing or using applications made available through social media, as they often do not have the same level of security as the social media platform and create an easy back door for hackers to get through.

Protect your tax refund
Every year, hundreds of thousands of Americans request their tax refund and are told it has already been claimed. This is not a new scam, but unfortunately it continues to happen despite what controls are in place at the IRS. ACFE Guardian Award winner Brian Krebs suggests that tax payers file their taxes as early as possible in order to beat would-be thieves to the punch. Another way to prevent refund fraud is to closely monitor your credit score. Consumers can get a free credit report once every year from three different bureaus, so your best bet is to request your credit score from one bureau every four months to see if there is fraudulent activity.

If your tax refund is stolen, you can contact the IRS and fill out forms to officially alert them that the fraud has occurred. That alert can be crucial to helping law enforcement eventually catch the fraudsters responsible for the theft.

While these steps cannot guarantee total immunity from fraudsters, they are simple things that can help you make 2016 a year without fraud.

What is Career Success?


Kathy Lavinder, CFE
Owner and Executive Director of Security & Investigative Placement Consultants  
There is no doubt fraud fighters wear white hats and should take pride and pleasure in their work to prevent, detect, and bring to justice those who victimize people and organizations.   While it’s easy to tally up the monetary results, amounts saved or recovered, don’t miss sight of the really important ways to measure your work in fraud prevention, detection, and investigation.

So how should we evaluate career success?  If you’re in a reflective mood, here are some things to think about:

Consider your impact – How has your work improved lives, the operations of businesses and organizations, and altered the course of events?

Consider your initiatives – How have you imagined new solutions for old problems or taken the lead on an issue or concern that others have ignored or failed to adequately address?

Consider how your peers view you – Have you found productive ways to work with co-workers?  Have you been open to the ideas and suggestions of your colleagues and supported them?

Consider the work you still need to do – Do you need to work on some weakness or shortcoming? Are you still actively engaged in the fight against fraud? Do you remain fired up to make a difference?  Clearly, a fraud fighter’s work is never finished.

Consider your legacy – When you decide it’s time for a new career challenge, retirement, or just a new chapter in life, how will your work be evaluated by honest critics? Will they still talk about you after you’ve gone?

Now think about what is missing from this list. There’s no mention of impressive titles, lavish praise, prestigious awards, or extremely generous compensation. Taking on the mantle of the fraud fighter may not result in any of these things. Will you still be a career success? That’s a question that everyone must answer for themselves.

In a society where social media outlets provide so many opportunities for self-aggrandizement maintaining a clear understanding of personal values is vital.  Know what is important to you in your career and don’t be distracted by the flashy and noisy.   Don’t become so enamored of yourself that your LinkedIn profile describes you as a “visionary” or “unique” or “a thought leader.”  Let others employ those grand phrases to describe you — if they think you’re deserving.

When you’ve finished mentally evaluating your work, make some notes.  You can go back to them in six months, a year, or more, and take stock of what you’ve written.  You’ll see where you were at that moment in time and it may help you decide where you need to go.  If you’re in the process of updating your resume, your notes can serve as talking points to plug into the latest iteration.

Socrates said “the unexamined life is not worth living,” so you may want keep this in mind as you do a career success checkup along the way.

The Insider’s Guide to Social Network Investigations


Mandy Moody, CFE
ACFE Social Media Specialist

Tweetdeck. Statigram. Tumblr. Pinterest. These may all look like words that are missing a few crucial letters, but online, they are digital goldmines for investigators. These social networks are full of personal information, seemingly small details describing every day experiences and, essentially, bread crumbs that often lead examiners to case-breaking motives, deception or direct evidence pertaining to a fraud investigation.

If this all sounds overwhelming or out of your digital comfort zone, rest assured that Cynthia Hetherington, CFE, president of Hetherington Group, will not let you leave the upcoming 25th Annual ACFE Global Fraud Conference without the confidence to search for valuable information on a variety of social networks. Dubbed the “insider’s guide to social network investigations,” Hetherington’s Pre-Conference session, “Incorporating the New Social Media in Fraud Examinations” is full of resources, tools and search engines you can use to enhance, or even solve, your investigations.

You can look forward to walking away with knowing how to: 
•    Locate social media profiles of your target
•    Connect various accounts together
•    Understand the value of online posts and learn how to vet them

The four-hour Pre-Conference session also allows you to dig deeply into the latest online search engines and networks, and gives that extra time for questions and discussion. So, even if you can’t remember how to spell the names of social media networks like Statigram, Tumblr, OkCupid, Tweettunnel or Hootsuite, you will remember how to use them to aid in your next investigation.

Other Pre- and Post-Conference Sessions include:
•    Benford’s Law and Other Analytical Fraud Detection Techniques
•    Preparing for Civil Litigation in a Fraud Examination
•    Auditing/Investigating Fraud Seminar
•    Building a Culture of Fraud Prevention and Detection
•    Professional Interviewing Skills

You can find more details on Hetherington’s session and other Pre- and Post-Conference sessions at