Saturday, October 24, 2009

Lawyers, CAs more prone to loan fraud

ntermediaries such as lawyers, valuers, charte red accountants, statutory auditors, real estate developers and motor vehicle and agricultural equipment dealers have largely been found by the Reserve Bank of India to be involved in frauds in retail loans.

The central bank, in its report on trend and progr ess of banking in India for 2008-09, said there has be en a steady rise in frauds reported in the retail loan segment, with increase in retail loans portfolio of banks in recent years.

Banks have been asked to provide to the Indian Ba nks’ Association the na mes of unscrupulous intermediaries who aid the perpetration of frauds, jeopardising the interests of banks.

Banks are required to forward names of tainted intermediaries, including professionals involved in frauds, to IBA after satisfying themselves of the involvement of the third parties concerned and after providing them with an opportunity of being heard.

The RBI is also in the process of introducing a monitoring mechanism for identification of outlier ban ks, where there is high concentration of frauds. The level of risk residing in a bank would be determined after taking into account recoveries made, punitive action taken against staff involved and other steps taken by the bank with regards to the fraud.

The Reserve Bank of India is also in the process of framing guideli nes to ensure that the incidences of frauds are facto red in while carrying out supervisory review and evaluation process in the banks for the purpose of assessing the fraud risk in specific and operational risk in general.

RBI has decided to cover the fraud risk from now on during its quarterly discussions with banks. The RBI is also carrying out modifications in parameters for systems and controls comp onent of Camels (capital, asset, management, earnings, liquidity and systems) rating framework, which would reflect the status of a bank as an outlier or not ba sed on incidences of frauds and the strength/we akness es of banks’ associated systems and controls.

Based on the paramete rs, banks would be categori sed as outlier banks, RBI sa id. Once they are categor ised as outliers, the relevant information with regard to those banks would be taken up for any regulatory response.

Source:- www.mydigitalfc.com ; By Rajendra Magan Palande

Credit cards or misery cards?

In keeping with the spread of sophisticated life styles in the west, the credit cards phenomenon has invaded India and most people have gotten so used to it that they can not live with out it. However, unlike in the west, the dice here in India is totally loaded against the user as the Reserve Bank of India is able to do very little in securing the user, says SS Kumar.

The following are the ways in which card issuing banks try to fleece the card holder:

Late fee

This is charged randomly because of a funny rule claimed by the banks that the deadline interpreted by them is the date by which they are able to realize the funds in their account. So against a deadline of say, 27th of a month, even if you drop the cheque in to their collection box by 23rd, you could still be penalized if this bank is unable to encash this cheque before the quoted deadline. The question one might ask is, if you have dropped a cheque payment 3-4 days in advance, what control do you have on the subsequent events or delays?

One of the reputed banks was regularly playing this game with me till I caught them. I dropped two cheques with same deadline payment into the same collection box on the same day, and at the same time, for two separate banks. The second one, a bit more professionally run, acknowledges receipt of my cheque payment in time, with thanks, through sms, whereas the other one, based in Chennai wants to make a fast buck, comes back claiming a late fee, as usual. They sheepishly reversed the charges when I escalated the matter to RBI.

RBI must immediately issue a directive that when a payment deadline is mentioned as 27th of a month, the deadline should apply to the physical act of dropping your cheque into the collection box and not to the date, the bank realizes the payment, because no one controls the declaration of public holidays in the intervening period.

The quantum of late fee itself is questionable. A few years back it was just around Rs 200 or 250, today, most banks quote around Rs 650. As an extension of their greediness, they let you buy consumer durables under a specially created EMI scheme. They use this neat opportunity to not only claim late fee for a particular card, VISA or MC and separately, once more, for these so called special schemes under these cards. So you can be charged late fee more than once on the same card, because of sub sections under it.

Disputed claims

Many of the banks issuing card related monthly statements assume that the card holder does not go through the statements minutely and feel they can get away with several erroneous billings.

Here the banks have another funny rule. Even if you feel some entries in the statement have nothing to do with you, they insist that you pay the full amount first and then wait for the next two months for reversals to take place.

If the discrepancy is of the order of Rs 100 or 200, it does not pinch, but often the erroneous charge is in the order of Rs 6000 - 8000 or even more. The card holder is simply forced to watch his funds in the hands of the bank, that too earning zero interest, whereas in the reverse situation, the bank immediately gleefully charges you around 4 per cent interest per month.

Every where, outside India, say in US or Canada, the user is not required to pay the disputed amounts and can pay deducting the amounts that look questionable. RBI is blissfully unaware of this rule, and this ignorance on RBI's part encourages banks in India to rough ride on or fleece the hapless customer still further.

Biggest fraud through sale of policies on phone

The biggest frauds perpetrated by card issuing banks are through the so called sale of insurance and medical cover policies over the phone. There have been countless victims of this well rehearsed fraud that takes place with absolute regularity. It operates like this.

A lady comes on line, uninvited, starts blabbering on the unique benefits of some insurance or medical cover policy that they are marketing. You express your indignation over this sudden invasion of your precious time. To get them off your back, you tell them to send all the details through post and once you are convinced, you will get back to them. If you thought, you put a lid on the matter firmly, you are sadly mistaken. You do this because you want to get a full grab of the details including what is really in fine print.

It comes your next month's statement and surprise of surprises, she has already billed you for this medical cover even before receiving your approval. You confront her, trying to control your rage at this sacrilege, and she tells you coolly, "when we spoke on the phone, you never emphatically said no to my scheme; so we presumed you said yes and according proceeded ahead by billing you."

Now, nothing can be done, you will have to pay the entire first year's premium ! "Oh, we have a recording of our entire discussion and we can play it back for you if you like", is the last punch line. This fraud is being played on people day in day out and the pity is that the RBI is fully aware of this large scale fraud and has not done a thing about it, till date. If it comes to a real showdown in a court of law, where is the guarantee that the bank would not have doctored the recorded conversation to edit out your objections during the same telecon?

Selling policies on the phone is an accepted practice in the west but there the underlying theme is utmost honesty because the buyer can sue them in case of malpractice. Here the banks indulge in their day light robbery along the above lines because the local laws are so weak. It is high time either the RBI or the Finance Ministry or the Supreme Court woke up to the large scale fraud. There have been several hapless victims of this fraud. The government should ban this altogether and disallow the banks to charge card holders until they have a written approval from the customer.

Cross check your monthly statements

Many people assume that since the monthly card statement comes neatly printed on a ready format each month, the entries must be correct. For god's sake and your sake, please double check them. I did precisely that and found that this reputed bank was trying to fob me with an excess charge of Rs 75,000, not Rs 75 or 750, exactly, Rs 75,000!When I reported this to RBI, overnight, this bank revised downward the total outstanding against my name by this whopping amount. Remind yourself that such social parasites exist everywhere, they have no particular dress code and more often than not, they are white collared workers in such banks. When confronted by me with the facts, this bank promised to look through the matter The bottom line, I would have easily allowed myself to be fleeced if I had not been seriously reviewing their statements and become poorer by Rs 75, 000 overnight, had I not decided to confront them with equal aggression and crudeness.

Why do the banks charge exorbitant interest rates in India?

Thanks to some recent initiatives of RBI, when you apply for a personal loan, the banks have seemingly removed all the extra loadings on the sanctioned loan in terms of processing fee, one time fee etc. and they no longer talk of penalty on loans that are pre-closed.

The general interest rates in India have nose dived from a high of 15-20 per cent earlier down to around 10 per cent now. In spite of this, MNC banks charge over 40 per cent, for credit card spends, despite RBI's rumoured directive to them to charge no more than 3.1 per cent a month. There is absolutely no uniformity in these charges and some banks, like Deutsche Bank charge over 42 per cent per annum. In the US and Canada and other western countries, the rates hardly exceed 15 or 16 per cent per annum.

Why should RBI permit such a large difference in interest rates? After all the source of funds (seed capital) of these MNC banks is the west when they start their operations in India and this is obtained at a much lower insignificant rates of interest, say 2 or 3 per cent per annum, which is the ongoing bank rate for personal loans. It is high time RBI seriously looked at these vast interest differentials.

Life time membership fee fraud

Initially, when these banks brought their cards into India, the standard practice was to charge membership fee every year. Since new entrant banks were desperate to make a breakthrough, some of them waived off this annual fee for using the card. To get even, the established banks played a new trick. They came up with a scheme of a one time life membership charge for say VISA or MasterCard. If you heaved a sigh of relief after having paid this one time life time fee, you were again in for a major surprise.

Six months later, the same bank introduces a new version of the VISA or MasterCard and again debits you with a new lifetime membership fee.

The simple logic one understands is something similar to the life time tax you pay for your car. Once you have paid the life time tax for your car, you are not required to pay for it again, just because you put a new coat of paint on it or just change the worn out tyres.

So, why should this be any different in the case of lifetime membership of credit cards?

I raised this issue with RBI long time back and a response is still forthcoming.

Bottom line

It is very obvious that RBI has been totally unequal to the dubious machinations of the MNC banks in India so far and has a lot more homework to do to bring in some discipline in the working of these banks.

Unless there is a quick induction of checks and balances these banks will continue to merrily fleece the average Indian card holder. Perhaps, the finance ministry under a veteran like Pranab Mukherjee can take the quick initiative and push these reforms through RBI.

SS Kumar is CMD of ASTRAL Systems (India).

7 myths about Swiss bank accounts busted


You are watching a movie and in that a well-dressed gentleman, arrives in an expensive car and alights in front of a building whose doors are flanked with mercenary-looking guards. The gentleman walks inside and is met by a distinguished-looking elderly gentleman, to whom a series of numbers are rattled off. The man is then ushered into a vault-like facility. Welcome to the stereotypical depiction of a Swiss bank.

When you think about Swiss bank accounts, words like mysterious, secret, guarded, rich and out-of-league come to a person's mind. What many don't know is that Swiss banks are just like any bank in the world. Here are some myths which need to be shattered about Swiss bank and bank accounts.

Swiss banks only service the filthy rich

Nothing is further than the truth. Majority of a Swiss bank's clients are not major manufacturers, movie stars or heirs of businesses, but everyday people like you and me. You can open a Swiss bank account with a deposit of only 5,000 Swiss francs. Swiss banks even offer accounts with no minimum balance.

No interest on money invested

Absolutely wrong! Just like any other bank, Swiss banks also have a variety of investment options such as mutual funds, stocks, bonds, commodity and derivatives investment etc. Swiss bankers are among the best finance managers in the world, so it comes as no surprise that they manage over 35 p[er cent of offshore holdings. Moreover, owing to a very consistent financial stability in Switzerland [ Images ], your money is much better handled here.

Swiss banks are financial havens for criminals

Nothing can beat this rumour. However, for people who are unaware, Swiss bank accounts have very stringent policies on who invests money in the bank. The vast majority of Swiss bank account holders are honest people who want to keep their savings in a country renowned for its stability. Swiss banks are extremely cautious regarding politicians who wish to open an account and they systematically refuse to accept any money that is of dubious origin.

Numbered accounts guarantee anonymity

There is nothing like anonymity in Swiss banking terminologies. On the other hand, there are very strict rules over client-banker confidentiality which ensures that the number of fraudulent transactions that can happen with your account are negligible. However, the identity details of numbered accounts are accessible, albeit only to the bank manager and a few select people.

Swiss bank accounts can only be opened in person

Just like any other international bank, Swiss bank accounts can be opened through correspondence as long as you comply with their opening procedures and provide the bank with the necessary documents. Moreover, all other banking facilities such as telephone banking, Internet banking, bank transfers and credit cards are available in the kitty of a Swiss bank's services.

Swiss bank accounts are very expensive to maintain

This is not true. Most of the Swiss bank accounts don't charge a cent in annual fees. Even if you would like additional services such as retained correspondence or numbered banking relations, the annual fees are very reasonable.

But why would anyone want to open a Swiss bank account if it is like any other?

Source: BankBazaar.com

Monday, October 19, 2009

Arrest of Hedge Fund Chief Unsettles the Industry

Raj Rajaratnam


For years, whenever anyone asked Raj Rajaratnam about the success of his hedge fund, the Galleon Group, he chalked it up to being hungrier than everyone else.


“It is pride, and I want to win,” Mr. Rajaratnam said in “The New Investment Superstars,” a book by Lois Peltz published in 2001. “After awhile, money is not the motivation. I want to win every time. Taking calculated risks gets my adrenaline pumping.”

Now prosecutors are claiming that Mr. Rajaratnam, 52, crossed the line into criminal activity.

At dawn on Friday, Mr. Rajaratnam was arrested at his expensive Manhattan home, charged with running the biggest insider trading scheme involving a hedge fund. He and five others are accused by the Justice Department and the Securities and Exchange Commission of relying on a vast network of company insiders and consultants to make more than $20 million in profit from 2006 to 2009.

Mr. Rajaratnam’s lawyer has said his client is innocent. He is free on $100 million bail and is expected to be in the office Monday to address Galleon employees.

In 2007, Mr. Rajaratnam’s name arose in connection with an inquiry into fund-raising for the Tamil Tigers, the Sri Lankan rebel group that was defeated in May after a quarter-century of violence.

News of Mr. Rajaratnam’s arrest has also shaken the secretive hedge fund world, in which intelligence on companies is often shared among Wall Street analysts, traders and other investors.

“The defendants operated in a cozy world of ‘you scratch my back, I’ll scratch your back,’ ” Preet Bharara, the United States attorney for the Southern District of New York, said on Friday. He added that the case should be a “wake-up call” for hedge fund managers who even think about insider trading.

Hedge funds often use lobbyists, investigators and other connected people to dig for information about a company or industry.

Most of the information is obtained legally. But the government’s use of wiretapping and confidential witnesses in the Galleon case raises questions about when investors can act on nonpublic information. The case also signals a new zeal by authorities to clamp down on Wall Street crime after failing to detect the $68 billion Ponzi scheme by Bernard L. Madoff.

At the center of this purported insider trading ring is Mr. Rajaratnam, who rose from a technology analyst to become a hedge fund billionaire.

Mr. Rajaratnam always remained close to his homeland, Sri Lanka, which was riven by fighting between its government and the Tamil Tigers, formally known as the Liberation Tigers of Tamil Eelam. The hedge fund manager often reached into his wallet for causes related to the country. When the island was struck by a tsunami in 2004 — he had been there at the time, but was inland — he organized a charity to raise money to rebuild homes.

In 2004, he also helped raise $120,000 to buy dogs to detect land mines littered throughout Sri Lanka.

Yet his giving was not without controversy. In 2005 and 2006, the charity he created, Tsunami Relief, gave $1.5 million to the Tamil Rehabilitation Organization, a group officially dedicated to helping victims of the fighting. But prosecutors have since charged the Tamil charity with aiding the rebel group, and its nonprofit status has been suspended.

A criminal complaint filed in Brooklyn federal court in 2007 described an “Individual B” who donated $2 million to the terrorist group in 2000 and 2004. People briefed on the matter confirmed a report by The Wall Street Journal that Individual B was Mr. Rajaratnam, who was never charged. Several defendants in that case have pleaded guilty to raising money for the Tigers.

A lawyer for Mr. Rajaratnam, James Walden of Gibson, Dunn & Crutcher, said in a statement that his client was not a Tiger supporter and that the money had been spent on “rebuilding thousands of homes for Tamils, Sinhalese and Muslims without discrimination.”

Within the hedge fund industry, Mr. Rajaratnam was long known for his expansive contacts within the technology sector.

People close to the company describe the pressure within Galleon as intense, with Mr. Rajaratnam demanding long hours and highly detailed research reports.

By the time he was arrested, Mr. Rajaratnam had cemented his position as a member of New York’s financial elite. Forbes estimated his net worth this year at $1.3 billion, earning him a spot on its list of richest people in the world. He donated more than $30,000 to Barack Obama, Hillary Rodham Clinton and the Democratic Party in 2008.

And he sat on multiple charity boards, including those of the Harlem Children’s Zone and the American India Foundation.

Mr. Rajaratnam built his fortune from the ground up: born in Sri Lanka, he was sent away for schooling, including at the Wharton School at the University of Pennsylvania. He became a technology analyst at the investment bank Needham & Company, rising through the ranks to become president. In 1992, he began a hedge fund for Needham clients, many of whom were technology executives themselves.

Mr. Rajaratnam left the firm in 1997, but took the fund and called it Galleon, after the Spanish empire’s ships used to ferry gold and spices from the New World.

Several of Galleon’s employees had an engineering background, like him. Many outside analysts envied the extensive research reports their counterparts at Galleon produced, culled from regulatory filings, checkups on supply chains and sources within the companies they covered. At its peak, the firm managed $7 billion in assets, but that figure has since fallen to about $3.7 billion.

The firm made no secret that its investors included technology executives. Among them was Anil Kumar, a McKinsey director who did consulting work for Advanced Micro Devices and was charged in the scheme. Another defendant, Rajiv Goel, is an Intel executive who is accused of leaking information about the chip maker’s earnings and an investment in Clearwire.

Prosecutors also say that a Galleon executive on the board of PeopleSupport, an outsourcing company, regularly tipped off Mr. Rajaratnam about merger negotiations with a subsidiary of Essar Group of India. Regulatory filings by PeopleSupport last year identified the director as Krish Panu, a former technology executive. He was not charged on Friday.

Galleon has previously been accused of wrongdoing by regulators. In 2005, it paid more than $2 million to settle an S.E.C. lawsuit claiming it had conducted an illegal form of short-selling.

Thursday, October 15, 2009

Bracing for a New World

In a declining economy, Indian enterprises are waking up to a new world where Mobility, Virtualization and Cloud Computing technologies present new challenges and the employee is now the weakest link in the information security ecosystem

In October last year, Rajendrasinh Makwana, an IT contractor who worked in Fannie Mae (a US government-owned firm), was indicted for planting a logic bomb designed to wipe out data from the firm’s 4,000 servers. Makwana planted the logic bomb in the form of a malicious script embedded within a legitimate code. Had the malicious script managed to execute, it would have resulted in the company being shut down for a week. The reason for Makwana’s action—the company had fired him for a scripting error he made earlier. Angered, Makwana planted the malicious script on the day he was fired.


Makwana’s case is not an isolated one. For companies that feel the heat of the economic slowdown and decide to lay off staff, the ‘trusted’ employee could suddenly become a more potent threat than an external hacker.


This fact is supported by a 2008 FICCI-PwC report, in which a majority of the organizations surveyed believed that employees or former employees are a major source of security threats. Almost 47 percent of the organizations believed that employees were responsible for security incidents and 25 percent attributed them to former employees. Only 39 percent of the companies attributed negative security events to external hackers.


Virtual Threats
With the rise in virtualized environments, CIOs face a new level of complexity, as virtualization introduces another layer that needs to be secured. For example, when a hypervisor is compromised, all the virtual machines that run on the hypervisor will also be compromised.


“With modern virtualization technology, virtual machines can be easily cloned and installed on a different physical machine. The ability to go back to ‘snapshots’ of past images can inadvertently wreak havoc with the patch management process,” says Sunil Rawlani, Executive VP and Head, IT, HDFC Standard Life Insurance. Analysts also believe that a compromise of a single virtualized machine can infect all other virtual machines on a physical server.


While organizations have given employees laptops and smartphones as a means to improve their productivity, this also presents immense risks, as these devices carry critical business information. However, what is shocking is that the data on most of these devices is not encrypted. This can be a security disaster waiting to happen. Additionally, unlike IT assets which are managed by an IT asset management system, a mobile device management policy is still not in place for most organizations.


Wireless security is another weak area, and this has been proved by the increasing number of attacks on wireless networks. A survey by Deloitte Research in India revealed that around 86 percent of the wireless networks in the cities that were surveyed were vulnerable i.e. having no encryption or a low level of encryption which could be easily compromised. Thirty-seven percent of the networks surveyed were found to have no encryption. While weak encryption is the common culprit for security breaches, other security vulnerabilities in wireless networks are a result of mis-configured access points and outdated access point firmware.

Not so social
Social networking sites, which have become so popular with youngsters, are a nightmare for CIOs—especially when it comes to ensuring security. Agrees Rawlani, “Web 2.0 technologies when combined with our ‘work-from-anywhere’ lifestyle have begun to blur the lines between work and private life. Because of this psychological shift, people may inadvertently share information their employer would have considered sensitive.”


A recent survey on Web 2.0 usage in the workplace by vendor Websense highlights the emerging dangers of using social networking websites. The survey found out that in India, Web 2.0 is already pervasive in the workplace, with more than 70 percent of the organizations surveyed allowing access to wikis, and 40 percent allowing access to social networking websites such as Facebook. However, while more than 70 percent of these companies have URL filtering software, only 39 percent block Instant Messaging (IM) attachments, and only 41 percent of the respondents had a mechanism to detect embedded malicious code on trusted websites. This opens up potential doors for attackers to get a foothold into organizations, especially when you consider the fact that websites allowing user-generated content comprise the majority of the 50 most active distributors of malicious content on the Internet.


To tackle these challenges, anti-malware technologies too have grown in depth and sophistication. For example, Websense’s ThreatSeeker Network gives customers the ability to identify and classify spam posted as comments to forums, blogs or social networking sites. Comment traffic is automatically routed through a spam filtering service and every comment can be analyzed and given a ‘spam’ score. This improves the ability of enterprises to tackle spam on their blogs.


Similarly, RSA Security has a solution called ‘Adaptive Authentication.’ This solution monitors user behavior and assigns a unique risk score to the user’s activity. Whenever high-risk activities are triggered, the solution prompts the user for additional credentials. This solution is already in use in HDFC Bank, and has helped the bank reduce a huge number of phishing attacks.


Cloudy security
As more applications move to the cloud, security-related aspects will be put to the test, as increasing access points compound management challenges. Cloud Computing also highlights perceived issues that CIOs have in terms of data loss or data theft. “The key threats are in terms of the security of data at rest, compliance requirements due to outsourcing of data, recovery of data across the cloud in the event of an issue, and support for investigation of data within the cloud,” says Navin Agrawal, Executive Director, KPMG. Additionally, within the cloud, enterprises need to look at standard issues such as user access, authentication, privacy and the location where the data is stored.


It is also interesting to note that even as enterprises are worried about security issues in the cloud, service providers such as Trend Micro are leveraging the cloud for providing security-based services. For example, research indicates that more than 1,500 unique malware variants are generated every hour. If organizations fail to patch up fast enough, they will be extremely vulnerable to attacks. Trend Micro has responded to this situation by launching a cloud-based service, where the actual scanning is done in the cloud.


The new face of cyber threats
With a huge underground market for stolen credit cards, fraudsters are offering specialized toolkits and services. Thus, even common criminals, who have insufficient knowledge of sophisticated hacking techniques, can easily perpetuate online frauds. For example, in an annual online fraud report, RSA Security expects that underground services such as Centralized Trojan infections (offered via a pay-per-infection model) and All-in-One-Trojan packages (allowing people to purchase Trojan servers with corresponding botnets of infected computers) to grow at a fast pace.


Trojans have also become intelligent enough to launch new sophisticated modes of attack. For example, a study by RSA found out that hackers deployed variants of the Zeus Trojan and used the Jabber IM service to quickly transmit compromised user details. This means that as soon as a user account is compromised, it is quickly relayed in real time through IM to cyber criminals. Other techniques involve using Search Engine Optimization (SEO) methods to promote fake antivirus software. Hackers have also been quick to exploit social media such as Twitter to distribute malicious links. Twitter’s facility of providing anonymity by shortening the URL has also helped hackers to gain direct users to websites hosting malware or Trojans.


As is evident, security can never be a milestone. It is a continuously evolving journey, and enterprises have to constantly be on their guard against attacks that are quickly growing in sophistication and intent.

Source:- www.networkcomputing.in; By Srikanth RP

Job-seekers from North India fake it to make it

BANGALORE:

Recession does strange things to people. A trend recently observed shows a sharp increase in resume frauds in North India while South India and East India accounted for the lowest number of resume frauds. This uncomfortable fact was brought to light by a report released by a Background Screening and Risk Management consulting company.

The report ‘Background Screening Trends -- A Recession time study’ based on a survey which evaluated about 10,000 cases per month, by AuthBridge Research Services, evaluates the upward trend in resume embellishments as an aftermath of the recent economic meltdown.

North India accounted for:-

47% of the total discrepancies reported in country. Next in line was the Western part of the country with 32 % of discrepancies being reported from there. South and East India combined accounted for the lowest number, the report revealed.

“March saw the highest number of resume embellishments-16%

Interestingly, this was the month when the economy was at its worst,” the report said. The report pointed out that discrepancies related to previous employment were 74% of the total discrepancies of which 59% candidates lied about their tenure, designation, CTC or reporting manager.

According to the report, fake/ forged documents formed 69% of the total education-related discrepancies.
Maximum discrepancies were reported from ITeS, IT and BFSI sectors. Commenting on the report and its findings, Ajay Trehan, Chief Executive Officer, AuthBridge, said, “Job cuts, layoffs and salary cuts have been the key factors during recession instigating candidates to lie in resumes so as to bag the available job at any cost.” “The upward trend in resume frauds show that employers need to scrutinise candidate’s profile even more carefully and watch for fraudulent credentials, such as inflated or fictional employment history or educational degrees so as to secure them from the hazardous repercussions of unsafe hiring,” he added.

Rajeev Yadav, Senior Division Manager - HR, NIIT Technologies said, “While we have seen that there has been increasing number of fraud and other problems, the study has provided with factual data and it is now necessary for companies across the industry who are manpower intensive as well as that handle sensitive information to set up risk management systems in place.” The difference between the information provided by the job applicant and the information dug out by AuthBridge while conducting background checks, also known as discrepancy rate was significantly higher than normal during the peak recession period.

Source: www.expressbuzz.com ; By Jayadevan PK

Tuesday, October 13, 2009

Gone in nanoseconds: ID fraud too fast to control

One in five Australians have been victims of identity-related crime and 1.5 million people have had their credit cards illegally copied in the past year.
And so far this year, 188 Australian ATMs have been "compromised" by ATM skimming bandits who used devices to steal customer's PIN details.
Queensland Police have today hosted a National Identity Crime Symposium on the Gold Coast with police, academics and international guests discussing ways to combat identity-related fraud.
Professor Jonathan Rusch, of the United States Department of Justice, told the conference identity fraud was one of the fastest growing crimes in the world.
He said more than 1.2 million Australians have had their bank account details illegally accessed and almost the same number of people had had their personal mail stolen in the past year.
One fifth of the Australian population had been victims of identity fraud and 1.5 million people had their credit cards compromised in the past year, he said.
Professor Rusch said in the United Kingdom, one in six people were victims of identify fraud in 2007 and in the first half of 2009, identity fraud had risen by 74 per cent.
"Card not present" fraud, which included phone and internet purchases, amounted to £328 million last year, he said.
He said the digital age meant people’s personal information was travelling "in nano-seconds through the internet."
"Information flows faster than the ability to control that flow, in some cases the consequences can be catastrophic," he said.
The speed of criminal activity was also fast, he said, with 71 per cent of frauds associated with identity crime occurring in less than one week from the time the data was first stolen.
"Fraudsters are getting more sophisticated and using more attacks of opportunity whereever they can find data exposed," he said.
A recent research into convicted identity thieves found many did not understand the harm they caused their victims.
Professor Rusch said offenders saw it as an "easy, rewarding and relatively risk-free way for them to fund their personal lifestyles."
They also believed it was big corporations and credit card companies which suffered the loss, not individual victims, he said.
Professor Rusch said a particular problem for Australia was ATM skimming, with 188 ATMs in the past year compromised by criminals using skimming devices which can be used to detect ATM users’ PINs.
"Without realising as soon as you dip in your card and enter your PIN, you’ve unwittingly transmitted your information directly to the criminals who are monitoring that ATM," he said.
"They can move very quickly to counterfeit cards and run to other ATMs and start draining money out of your bank account at great speed."
The symposium will continue until Wednesday and include several guest speakers, including academics and private sector experts on identity-related fraud.
Source:- Brisbane Times

Monday, October 5, 2009

$80 MILLION PONZI SCAM - Even Friends Got Fooled

Automated teller machine

It sounded like a smart idea: investing in automated teller machines (ATMs) located in high-traffic retail locations around the country. The investors would recoup their money, plus an incredible 20-24 percent return, through the fees charged to the ATM customers. Seemed like a deal too good to pass up.

But investors should have done just that—because it was a fraud…a Ponzi scheme, to be more precise. The $80 million in investor funds raised over time weren’t used to purchase ATMs, they were used to fuel the ruse and line the pockets of the two masterminds behind the scheme.

So says a federal indictment unsealed in the Southern District of New York last week against Vance Moore, II and Walter Netschi, charged with wire fraud and conspiracy after an investigation by the FBI.

The scam. According to the indictment, Netschi and others convincingly sold the scheme to thousands of investors—mainly small private equity/hedge fund investment companies, small businesses, retirees, and even friends. Through his front company, Netschi would “sell” individual ATMs or groups of ATMs placed in areas with a lot of foot traffic—like convenience stores, gas stations, malls, and hotels.

Netschi then allegedly had the investors sign agreements with Moore’s “company” to service, process, and maintain the ATMs.

At first, investors were happy. Moore’s company allegedly sent them not only monthly financial statements listing transaction histories and fees for the ATMs, but it also wired them their share of the profits. (Little did investors know that these profits were coming not from ATM fees but from subsequent investors recruited by Netschi.)

Approximately 4,000 ATMs were supposedly purchased and serviced by Netschi and Moore, but in reality—according to the indictment—about 90 percent of these machines “sold” to investors either didn’t exist or were owned by other companies.

Then, the money to pay investors ran out—like it usually does in Ponzi schemes as they grow larger and larger and are unable to sustain themselves. For months, Netschi and Moore allegedly gave investors various explanations for the non-payments, blaming various banks and software glitches. They even went out and recruited more investors, said the indictment. But they couldn’t raise the funds they needed, and ultimately, an unhappy investor notified authorities.

And turnabout is fair play—last week’s indictment seeks $80 million in forfeiture from the alleged con artists.

How can you avoid being victimized by a Ponzi scheme? Here are a few tips:

  • Be careful of any investment opportunity that makes exaggerated earnings claims.
  • Exercise due diligence in selecting investments and the people with whom you invest—in other words, do your homework!
  • Make sure you fully understand the investment before you hand over your money.
  • Consult an unbiased third party, like an unconnected broker or licensed financial advisor, before investing.
  • Don’t be fooled into believing an investment is safe just because someone you know recommended it. So-called “affinity scams” are one of the favorite methods used to lure people into Ponzi schemes
Source: www.fbi.gov - 02/10/09

Friday, October 2, 2009

TECHNIQUES USED BY FRAUDSTERS ON SOCIAL NETWORKING SITES

TECHNIQUES USED BY FRAUDSTERS ON SOCIAL NETWORKING SITES


Fraudsters continue to hijack accounts on social networking sites and spread malicious software by using various techniques. One technique involves the use of spam to promote phishing sites, claiming there has been a violation of the terms of agreement or some other type of issue which needs to be resolved. Other spam entices users to download an application or view a video. Some spam appears to be sent from users' "friends", giving the perception of being legitimate. Once the user responds to the phishing site, downloads the application, or clicks on the video link, their computer, telephone or other digital device becomes infected.

Another technique used by fraudsters involves applications advertised on social networking sites, which appear legitimate; however, some of these applications install malicious code or rogue anti-virus software. Other malicious software gives the fraudsters access to your profile and personal information. These programs will automatically send messages to your "friends" list, instructing them to download the new application too.

Infected users are often unknowingly spreading additional malware by having infected Web sites posted on their Webpage without their knowledge. Friends are then more apt to click on these sites since they appear to be endorsed by their contacts.

Tips on avoiding these tactics:

  • Adjust Web site privacy settings. Some networking sites have provided useful options to assist in adjusting these settings to help protect your identity.
  • Be selective of your friends. Once selected, your "friends" can access any information marked as "viewable by all friends."
  • You can select those who have "limited" access to your profile. This is for those whom you do not wish to give full friend status to or with whom you feel uncomfortable sharing personal information.
  • Disable options and then open them one by one such as texting and photo sharing capabilities. Users should consider how they want to use the social networking site. If it is only to keep in touch with people then perhaps it would be better to turn off the extra options which will not be used.
  • Be careful what you click on. Just because someone posts a link or video to their "wall" does not mean it is safe.

Those interested in becoming a user of a social networking site and/or current users are recommended to familiarize themselves with the site's policies and procedures before encountering such a problem.

Each social networking site may have different procedures on how to handle a hijacked or infected account; therefore, you may want to reference their help or FAQ page for instructions.

Source:- Internet Crime Complaint Center (IC3)

Thursday, October 1, 2009

RBI for info pool to fix frauds

Mumbai :

In a bid to tackle rising frauds in the banking system, the Reserve Bank of India (RBI) has asked banks to build up a data or information pool of large-value frauds and analyse them periodically. This may act as a knowledge repository for policy responses.

The central bank has also said that in the matter of fraud investigation, banks may take immediate steps to identify staff with proper aptitude and provide necessary training to them in forensic audit so that only such skilled staff is deployed for investigation of large-value frauds.

It has been observed that the trend is more disquieting in retail segment, especially in housing and mortgage loans, credit card dues and internet banking.

Moreover, it is a matter of concern that instances of frauds in the traditional areas of banking such as cash credit, export finance, guarantees, and letters of credit remain unabated, the RBI said.

Banks are also advised to initiate necessary action at their end at the earliest.

“Banks may, with the approval of their respective boards, frame internal policy for fraud risk management and fraud investigation functions, based on the governance standard relating to the ownership of the function and accountability for malfunctioning of the fraud risk management process in their banks,” the RBI said.

Given the thin line of difference between serious wrongdoings and frauds, the bank should immediately put in place an adequately enabled and efficient ‘internal oversight framework’ that can prevent the wrongdoings and take punitive measures against the wrongdoers, the RBI said.

The Board for Financial Supervision (BFS) has felt the chief executive officers (CEOs) of the banks must provide singular focus on the “Fraud Prevention & Management Function” to enable effective investigation and prompt accurate reporting to appropriate regulatory and law enforcement authorities, including the Reserve Bank.

The board has also observed that in terms of higher governance standards, the fraud risk management and fraud investigation function must be owned by the bank’s CEO, its audit committee of the board and the special committee of the board, at least in respect of high value frauds.

Accordingly, they should own responsibility for systemic failure of controls or absence of key controls or severe weaknesses in existing controls which facilitate exceptionally large-value frauds and sharp rises in frauds in specific business segments leading to large losses for the bank.

Source: www. financialexpress.com