Fraud and Cybercrime
Best Practices to Bolster Your Fraud Intelligence Program to Prevent Corruption and Online Threats
Based on a Government Case Study by Jeff Thomson
Senior Criminal Intelligence Analyst
Royal Canadian Mounted Police (RCMP), Canadian Anti-Fraud Centre
The Impact of Fraud on Canadians
Fraud, cybercrime, and other related issues are major hurdles that most organizations have to deal with. They take up precious business time and cost lots of money. The Canadian Anti-Fraud Centre (CAFC) was set up to identify and deal with various types of fraud, and Jeff Thomson, the Senior Criminal Intelligence Analyst with the Royal Canadian Mounted Police (RCMP) at the CAFC, says that it was set up “in partnership with the RCMP, the Ontario Provincial Police and the Competition Bureau of Canada.” It is an exciting and unique place to work because “we’re reducing fraud every day.” They don’t do investigations per se, but they are “using the information we collect to support investigations and operations,” and to pass the information on “to various police jurisdictions, sometimes internationally.” Some of their efforts have led to arrests and convictions, but more than that, they are often involved in stopping fraudulent acts and raising awareness about what fraud and cybercrime look like.
This is particularly important because many of the fraudulent acts of today didn’t exist 10 or 20 years ago. The CAFC was created after “telemarketing fraud was identified as a significant crime problem in Canada in the 1990s.” The CAFC, initially known as the Phone Busters National Call Centre, was created soon after. Then in 1993, the Ontario Provincial Police developed a centralized reporting program for scams affecting Canadians, and then in 1997, “fraud was recognized as a major cross border crime concern between Canada and the US.” Little has changed since then, though in recent years things have only gotten worse. Fraud these days takes many forms, from the market and immigration fraud to intellectual property, insurance, and employment fraud. It also manifests in the health care, charity, and government sectors, not to mention mass marketing and identity fraud. Statistics Canada reports that fraud of any nature “rose for the eighth straight year in 2019, with almost 166,500 reported incidents, up 10% from the previous year.”
Analysis by the CAFC shows that the impact of all this fraud is having disastrous financial consequences. Whereas in 2005 fraud cost the Canadian economy CA$20 million, in 2020 it cost the economy “more than CA$160 million.” It is fair to say “that fraud continues to be a threat to the economic integrity of Canada.” Worse though than the financial impact for many people is the “social, psychological and emotional impact.” Most victims will be at least embarrassed or depressed, whilst some victims stand to lose their homes, savings or businesses. Frauds can also lead to marriage breakdowns, physical and emotional harm, “a reduction in consumer competence, increased burdens on families and social systems, and in some cases even suicide.”
This is particularly important to note because “anyone can be a victim. Many frauds today are designed to play on victims’ emotions. They attempt to elicit responses based on panic, fear, desperation, elation, and love.” This became all the more apparent during the height of the pandemic when fraud activities rose significantly, especially in light of the fact that some people were working remotely for the first time with little knowledge of how the internet works, making them particularly vulnerable. Thus “the pool of potential victims has increased dramatically.” It is estimated that scams specifically related to COVID-19 have cost the economy CA$7.5 million.
Apart from fraud specifically related to events like the pandemic, there are essential “three key drivers of fraud: social engineering, identity theft, and anonymity.” They are not new, but they are “more ubiquitous today.” The Office of the Privacy Commissioner of Canada reported that there was a “six-fold increase” in data breaches from 2018 to 2019, “which affected some 28 million Canadians.” Other agencies report that “phishing remains the weapon of choice of fraudsters,” accounting for more than half of all cyberattacks. Moreover, identity theft rates have more than doubled from 2019 to 2020. “Criminals continue to use technology to refine their ability to make fraudulent emails, websites, social media profiles, telephone calls, and text messages seem real.” On top of that, “the pseudo-anonymous nature of cryptocurrency” is also being used as a weapon by fraudsters.
Combatting Fraud – Strategies for Fraud Reduction
As fraud continues to play havoc on society, the CAFC is “at the forefront of identifying the new trends and emerging technologies.” This includes incidents of “price and job scams, phishing campaigns, and increasingly more sophisticated scams like business email compromises, cryptocurrency offerings, or large scale identity frauds or extortion scams.” The CAFC is tracking these frauds, “developing scam definitions and identifying top offenders, key facilitators, and new and emerging fraud trends.” Though the CAFC doesn’t have enforcement powers, they work with law enforcement agencies and assist with “civil, regulatory and criminal investigations.” Everyone working in this field “recognizes that we’ll never be able to investigate this problem away,” but that doesn’t mean that agencies should give up. In fact, agencies across Canada are working together to bring attention to fraud and assist in its disruption. This includes “the creation of a National Fraud Strategy to reduce fraud, and a National Fraud Awareness Campaign launched by the Canada Revenue Agency known as ‘Slam the Scam’.” Canada also recently participated in the “National Fraud Prevention Month campaign that ran for the 17 th year this year, as well as our participation in a global anti-fraud enforcement network.” On top of that, the Canadian government continues to assist in these efforts by passing bills and creating or re-defining various criminal acts, as well as “mandating the reporting of data breaches.”
Fraud prevention is “everyone’s responsibility,” but it is not only about identifications, investigations, and the creation of policy. Fraud prevention is largely about raising awareness. There’s a saying in the CAFC that “if we can’t arrest all the bad guys, then let’s make Canada the most educated country in the world when it comes to fraud.” That in some ways is part of the mission of the CAFC, because “ultimately, we want to change people’s behaviors.” This means encouraging people to change their passwords regularly, getting them to do due diligence before agreeing to send money over the internet, and informing them about cybercrimes and cyber safety. The CAFC and other government agencies involved in fraud prevention, therefore, use “every communication channel at our disposal,” like social media, traditional mail, TV, and other means to “collectively spread and amplify the anti-fraud awareness and messaging.”
Although technology is increasingly being used by fraudsters, “it is also playing a role in our advancement.” The RCMP runs the “National Cybercrime Coordination Unit which is adding some of the much-needed capacity while also offering innovation and improvement in the collection, correlation, and analysis of this global crime problem.”
“We’re helping Canadians every day, and we’re using the information we collect to help investigate, support operations and drive fraud prevention awareness programs. We’re also working with private sector partners to disrupt the tools of the scammers. It is the most rewarding intelligence position in the RCMP. After all, who in policing would ever complain about helping people, helping victims and jamming up bad guys?”
Jeff Thomson, Senior Criminal Intelligence Analyst, Royal Canadian Mounted Police (RCMP), Canadian Anti-Fraud Centrer