Three abnormal lurking places for digital fraud

Data is the lifeblood of most modern day businesses, but it presents a challenge in that it is portable, easily manipulated and relatively effortless to duplicate, so here are the abnormal places that digital fraud attacks may lurk.

Countless businesses are susceptible to data vulnerability, be it from a planted mole, or a disgruntled employee or someone trying to get a foot-up in their new position.

When it comes to responding to a situation, which includes seeking appropriate legal advice, the most important task at-hand is to secure any or all evidence in a forensically sound manner to enable a full investigation and to prevent data loss.

Normally investigations focus on: a) what activities individuals have undertaken on a computer and; b) whether any data had been transferred from the computer in an unauthorised manner.

However, businesses should be aware that vital data can also lurk outside of these normal places. Below are three examples of investigations that have gone beyond the norm and have been instrumental to legal cases.

The true cost of cyber crime and why SMEs are a target

(1) Skype and WhatsApp

On one occasion, three key people from different countries within our clients business resigned at similar times to join a rival, which subsequently made a sustained effort to penetrate a new market.

The suspects were probably conscious that emails would be monitored and therefore turned to Skypes chat functions. We were able to rebuild their conversations, and found that the dialogue was unguarded and open.

In addition, one of the suspects had synchronised his iPhone with his work computer, creating a backup that allowed his WhatsApp messaging conversations to be recovered and analysed. When this was combined with the Skype data and other nuggets of information, the case unraveled and significant damages were recovered.

Continue reading on the next page for the remaining lurking locations and what to do if you suspect fraud.

(2) Cloud

In a similar case, a key employee within our clients business handed in his notice and announced he was setting up his own business. Despite making assurances to the contrary, it turned out that he was entering into direct competition armed with our clients proprietary information.

One of the first telling signs of fraudulent activity came to light through the analysis of the network logs, which seemed to indicate that there was unusual amount of traffic occurring during the nights proceeding his announcement. Subsequently, the legal team obtained a court order that allowed us to forensically image data from the suspects home and his new business address.

During this process, not only did we discover the storage device,” but we also found evidence of how the information had been amalgamated into the new business. As a result, our client was able to secure a favorable legal settlement.

From phone calls to online: Preventing fraud across all business channels

(3) The back door left wide open

Thirdly, when one of the lead coders left our clients employment to engage in a new venture, everything at first seemed to be amicable. However, two chance conversations suggested to our client that all was not what it seemed. The coder had joined a new company that appeared to be competing with our client and it seemed to have developed a similar solution in a fraction of the time it had taken our client.

A closer examination of all the systems and the evidence contained upon them highlighted that not only had the coder connected devices from his home to the clients systems, but data transfers to his home had continued long after he had left, allowing him to continue to monitor his old employers development activities.

During subsequent legal proceedings, the coders new company had to hand over versions of their source code for analysis. On first glance, the code appeared very different from our clients code, however, as our analysis progressed, we noticed that their code had originated from our clients proprietary intelligence. In the end, the coders new company had to withdraw its product from the market and pay substantial damages.

What to do if you suspect digital fraud

Data leaves its digital fingerprints in many different places. These fingerprints can allow an investigator to unearth vital evidence and intelligence to get to the facts.

However, it is vital that businesses suspecting foul play avoid interfering with the evidence and thereby damaging a potential case. Instead, they should take the following steps:

  • Do not turn on the device no matter how tempting it is to have a look
  • If a computer is on, turn it off directly at the power switch; do not use the shutdown command; if a server is on, power it down
  • Freeze the scene and ensure that the computer/device and any digital media is securely stored
  • Try and identify the user and other potential media
  • Call an expert as soon as possible

Phil Beckett is an MD with Alvarez & Marsals Global Forensic and Dispute Services practice in London

These are the tricks of the trade to avoid cyber scammers.

Share on social media

Link copied to clipboard.