Procurement Fraud Schemes Flashcards

Flashcards on Procurement Fraud Schemes

Bid Rotation

Occurs when two or more contractors conspire to alternate the business among themselves on a rotating basis.

Bid Suppression

Occurs when two or more contractors enter into an illegal agreement whereby at least one of the conspirators refrains from bidding or withdraws a previously submitted bid.

Market Division

Schemes involve agreements among competitors to divide and allocate markets and to refrain from competing in each other’s designated portion of the market.

Shell companies

Companies that have no physical presence and generate little independent economic value

Need Recognition Schemes

Occurs when procurement employees convince their employer that it needs excessive or unnecessary products or services.

Bid Specifications

A list of elements, measurements, materials, characteristics, required functions, and other speci c information detailing the goods and services that a procuring entity needs from a contractor.

Bid Tailoring Schemes

Schemes occur during the presolicitation phase where an employee with procurement responsibilities drafts bid speci cations in a way that gives an unfair advantage to a certain contractor.

Bid Manipulation Schemes

Schemes occur during the solicitation and evaluation phases where a procuring employee manipulates the bidding process to bene t a favored contractor or supplier.

Leaking Bid Data

Occurs when employees of a procuring entity leak pre-bid information or con dential information from competing bidders to a favored bidder, giving that bidder an unfair advantage in the bidding process.

Bid Splitting

Dividing a large project into several small projects that fall below the mandatory bidding level

Sole-Source Contracting

A noncompetitive procurement process accomplished through the solicitation of only one source, thereby limiting full and open competition.

Defective pricing

Arises when contractors intentionally use inaccurate cost or pricing data to in ate costs in negotiated contracts.

Nonconforming goods or services fraud

Refers to attempts by contractors to deliver goods or services to the procuring entity that do not conform to the underlying contract speci cations.

Change order

A written agreement between the procuring entity and the contractor to make changes in a signed contract.

Cost Mischarging Schemes

Occur when a contractor charges the procuring entity for costs that are not permissible, are not reasonable, or cannot be allocated to the contract directly or indirectly.

Accounting Mischarges

Occur when a contractor knowingly charges unallowable costs to the buyer by concealing or misrepresenting them as allowable costs, or by hiding them in accounts, such as o ce supplies, that are not usually closely audited.

Material Mischarges

Occurs when a contractor charges costs from materials incurred on a xed-price contract to a cost-type contract.

Labor Mischarges

Occurs when the contractor charges the procuring entity for work that was not actually performed.

Hacking

Using technology to gain unauthorized access to sensitive information on a computer system.

Black-hat hackers

Malicious hackers who in ltrate computer systems for criminal purposes

White-hat hackers

Well-intentioned hackers who are hired to identify weaknesses in an organization’s network before they are exploited by malicious hackers.

Hacktivists

Politically motivated hackers; they commit cybercrimes, including data breaches, to access classi ed or con dential information

Social engineering

A method for gaining unauthorized access to a computer system in which the attacker deceives victims into disclosing personal information or convinces them to commit acts that facilitate the attacker’s intended scheme.

Phishing

A type of social engineering scheme that involves impersonating a trusted individual or entity.

Spear Phishing

A targeted phishing attack generally focused on a corporate entity or a speci c employee within the entity.

Business email compromise (BEC)

A form of spear phishing attack that directly targets employees who can make large payments or who have access to sensitive proprietary information.

Vishing

Leveraging Voice over Internet Protocol (VoIP) in using the telephone system to falsely claim to be a legitimate enterprise to scam users into disclosing personal information or executing an act that furthers a scheme.

Smishing

A hybrid of phishing and short message service (SMS), also known as text messaging, used to dupe an individual or business into providing sensitive data by falsely claiming to be from an actual business, bank, ISP, or other entity with which the target does business.

Pharming

A type of attack in which users are fooled into entering sensitive data into a malicious website that imitates a legitimate website.

Catfishing

Involves the creation of a ctitious online persona to lure victims into emotional relationships under false pretenses.

Reverse Social Engineering

Attackers get the users to make the contact where attackers disguise themselves as technical assistants or someone from whom the user needs help (a need often created beforehand by the attacker through sabotage).

Password Cracking

An automated process by which an attacker attempts to guess a system user’s most likely passwords

Browsing

Involves searching through large quantities of available data to nd sensitive information.

Keystroke Logging

The process of monitoring and tracking the keys pressed on a keyboard.

Backdoors

Lets attackers bypass a system’s security using undocumented operating system and network functions.

Remote Access Trojans

A type of malicious software that provides the attacker with complete control of the target’s system.

Packet Sni ng

Computer programs that monitor tra c on areas of a network and search for packets of data as they pass through the network.

Trapdoors

A secret entry point into a program that allows someone who is aware of the trapdoor to gain access without going through the usual security access procedures.

HTTP Exploits

Involves using internet server applications to perform malicious activities by using a hypertext transfer protocol (HTTP) to transfer hypertext documents across an array of computer systems.

Spoofing

The process whereby a person or program masquerades as another to obtain unauthorized access to a targeted system.

Shoulder Sur ng

Obtains sensitive information by observing a targeted person from a nearby location

Piggybacking

Exploits another person’s access capability to gain access to restricted areas, including computer systems.

Scavenging and Dumpster Diving

Obtaining information left around a computer system, such as on desks or workstations or looking through someone else’s trash.

Data Manipulation and Destruction

Refers to the use or manipulation of a computer to perpetrate a crime and involves either direct or covert unauthorized access to a computer system by the introduction of malicious software such as viruses, worms, or logic bombs.

Malware

Any kind of malicious software, including viruses, worms, Trojan horses, spyware, and ransomware.

Salami Technique

A type of fraud where the perpetrator steals a substantial amount of money by “slicing” o “thin” amounts of cash repeatedly over time.

Fraud by Input Manipulation

Occurs when false or misleading information is entered into a system to achieve a speci c fraudulent purpose.

Data Leakage

Refers to the unauthorized transmission of data from within an organization to an outside destination.

Buffer Overflow Exploits

Sending inordinate amounts of data to a running program that is waiting to receive input.

Privilege Escalation Exploits

Refers to the act of exploiting a bug, design aw, con guration oversight, or other vulnerability in an operating system or software application to gain access that is beyond the user’s authorized access level.

Internet of Things (IoT)

The environment of everyday objects that use embedded sensors to collect and transmit data through the internet.

Con ict of Interest

Occurs when an employee or agent—someone who is authorized to act on behalf of a principal—has an undisclosed personal or economic interest in a matter that could in uence their professional role.

Fiduciary Duty

The duties imposed by law to their principals or employers, and any action that does not comply with those duciary duties constitutes a breach

Conflict of Interest

The agent should not have a in completing the act on the principal’s behalf.

Turnaround Sale

A purchasing scheme often used by fraudsters is called the , or the ip, where the fraudster takes advantage of the situation by purchasing the asset themselves, then turning around and reselling the item to their employer at an in ated price

Underselling or writing off sales

The or of goods and services are two principal types of con ict schemes associated with sales of goods or services by the victim company.

Resource Diversions

Divert the funds and other resources of their employers to the development of their own businesses.

Most serious

The inadequate disclosure of con icts of interest is among the _ of frauds

Appearance

The of a con ict is nearly as problematic as the existence of a true con ict.

Consumer Fraud

Embodies a wide variety of misleading practices related to advertising, marketing, or the selling or buying of goods and services.

Advance-Fee schemes

Schemes are structured to obtain an illegal gain by falsely promising the delivery of a product or service.

Debt consolidation

This scheme, agencies do not advance loans but act as an intermediary between debtor and creditor.

Diploma mills

For what is often a hefty fee, a diploma can be purchased by those who apply. The fraudster usually claims that the fee is for processing the application or for verifying the experience necessary for the degree to be awarded

Dietary and Health Cure schemes

schemes are consumer fraud schemes in which fraudsters attempt to deceive consumers by claiming certain products or foods are organic and pure and will cure or eliminate certain illnesses or diseases.

Modeling and Acting schemes

These fraudulent agencies are not set up to promote talent, but rather to get consumers to purchase a program that provides no bene ts

Automatic debit program

These programs are a convenient way to pay bills, such as recurring charges for mortgages and car loans that can be easily exploited

Equity-skimming schemes

A perpetrator draining the equity from a home though various means such as a home equity line of credit or re nancing the home multiple times and thus skimming the equity.

Sweepstakes, giveaways, and prizes

Some schemes lure in victims by stating that they have won a sweepstakes or large prize where The scammer then notes that the winner must pay certain fees before claiming a prize.

College Scholarship services.

These fake services usually charges an up-front fee or advance payment fee for nding a scholarship suitable for the applicant where Valid negative credit information cannot be removed or erased from a credit report.

Credit Repair

These fraudulent companies use solicitations that o er to repair a consumer’s credit. These statements are not only false but might be illegal

Credit Card Debt Elimination Scheme

These schemes have Consumers are lured by scammers who promise to eliminate their debt after they have paid a hefty fee.

Credit Analysis O ers Scheme

This Scheme is Normally, sold as advertisements on television, through the mail, or on the radio, o ering people the ability to obtain information about credit repair programs and to receive a “con dential analysis” of a consumer’s credit history.

Missing-Heir Scheme

The fraudster poses as a probate investigator or other genealogist, charging fees to distribute an inheritance.

Airline Ticket Scheme

To attract customers, some sites signi cantly undercut competitor prices by o ering deals that are so good they seem unbelievable where Fraudsters create ctitious websites to capture a consumer’s personal information (e.g., credit card information) to commit other frauds

Scamming Families of Migrant Children

Scammers that use knowledge of children who have crossed international borders to extort money from their family members. They claim to work for a government agency or to be child welfare workers.

Government Imposter Scheme

Some fraudsters impersonate government o cials that claims to work for a government agency, and say they won the lottery but need funds paid prior

Romance, Sweetheart, and Friendship Scheme

Fraudsters o er love or friendship to a lonely person, especially a nancially well-o widow or widower that charm themselves into the victim’s heart and then attempt to steal their money, often by asking for a loan.

Travel or Vacation Scheme

A is a variation of an advance-fee scheme that occurs when a fraudster creates a fake vacation rental listing or website whereThe fraudster takes photos of properties directly from the internet and uses random interior photos from other rental sites to make the properties appear inhabited.

Bait and Swaitch

The fraudster advertises unavailable properties and reserves a less desirable rental for the victim. and this is often called _.

Price Jacking

Travelers get the rental they reserved and pay more for it than they agreed.

Deceptive Email Scheme

A fraudster hacks into the email account of a legitimate rental owner or manager and forwards the rental inquiries to the fraudster’s own email account.

Hotel Scheme

Consumers typically have con dence that hotel management has fraud prevention measures established, but, unfortunately, hotels are susceptible to consumer fraud schemes

Insurance Fraud Schemes

Schemes come in many forms and are damaging to society.

Child Adoption Schemes

includes any illegal act or intentional misrepresentation by any party involved in the adoption process.

Electronic payment fraud

Occurs when an individual with authorized or unauthorized access intentionally uses or manipulates a consumer’s bank account for personal gain

Fraud Classified Model

Occurs when organizations are pressured for payments to accounts that are not truly managed for their stated purpose.