How to Leverage Law Enforcement Alliances to Accelerate Fraud Recovery
Here's how to ensure you're ready with a dedicated agent and plan.
How to Leverage Law Enforcement Alliances to Accelerate Fraud Recovery
Here's how to ensure you're ready with a dedicated agent and plan.
Share article:
Tyler Adams
4
Fraud Recovery
Jun 27, 2024
Matt O’Neill saw it all in his nearly two decades as a Special Agent within the U.S. Secret Service. Working as a case agent for 18 years, Matt dealt with diverse cases, ranging from network intrusions to financial fraud.
In 2017, after recognizing a growing need to combat cyber threats, Matt helped launch the Global Investigative Operations Center (GIOC). His efforts within the GIOC have stopped billions of dollars from moving through transnational money laundering networks.
Matt O’Neill recently shared his expertise with Tom Cronkright, CertifID’s Executive Chairman and Co-founder in the June edition of the To Catch a Fraudster webinar. They discussed the rising prevalence of fraudulent attacks and the importance of building relationships with federal law enforcement to prepare for such an attack.
As wire fraud grows in scale and complexity in 2024, understanding the scope of these threats and leveraging the resources around you — like law enforcement — is essential. Here are a few tips from Matt to help you build a better partnership with officials and increase your chances of recovery.
The Secret Service's role in fraud prevention
Founded in 1865 within the Department of Treasury, the U.S. Secret Service's (USSS) initial mission was focused on combating counterfeiting, an issue that jeopardized our nation’s financial stability following the Civil War.
Despite expanding its protective role to national leaders, the USSS has strongly focused on its investigative mission in combating financial crimes.
As the financial system has transitioned from paper currency to credit cards and digital information, the mission of the agency has also evolved, directing more attention to the expansion of cybercrimes in the US.
Why deep connections matter
Today, rapid advancements in technology have made the battleground against fraud more complex. Personally identifiable information (PPI) is more easily accessible online, making fraud easier to commit.
Matt recalled how his team would often discover vast amounts of sensitive, private data during their investigations—all for pennies on the dollar.
“I [could] buy your name, date of birth, social security number, mother’s maiden name. I [could] buy all of your PII for probably 5 cents online. These are websites that have been available. That was the reason why your information became available: It has been available—and you just didn’t know it,” he explained.
In addition, most data sharing and fraud prevention methods are often stuck behind regulatory or corporate red tape, enabling fraudsters to move quickly and attack quickly. This is an uneven advantage for fraudsters. As Matt shared, these bad actors aren’t limited by bureaucracy and bandwidth constraints.
“When you look at fraudsters, they are borderless, they are agile, and they are aggressive in their use of new technologies. They communicate and share information with each other on a regular basis,” O’Neill said.
The lack of collaboration between institutions and law enforcement is allowing these crimes to succeed and harm consumers.
In addition, fraud recovery success, Matt explained, is partly dependent on how fast information can be shared with law enforcement.
After 24 hours, the recovery rates typically “dips to single digits.” A pre-established relationship with law enforcement helps ensure faster information sharing and problem identification. In short, everyone needs to make more of an effort to work together and address these fraud vectors.
How to build a stronger relationship with law enforcement
The first step to a better fraud recovery system is to build an fraud recovery plan that houses all your key contacts and actions if fraud strikes. For most businesses, this is known as an incident response plan (IRP).
Your IRP will contain contact information for your key stakeholders from local and federal agencies (more on that below). As Matt explained, these plans should be easy to execute and ideally outline a “red-phone-to-red-phone direct communication setup.” In other words, it should tell you exactly who you need to call in law enforcement—and by when.
Your incident response plan is your emergency document that keeps you and your team organized, so include anything in it that you know is critical for recovery. The moments after realizing that you've been defrauded are often chaotic and emotional, but a written plan will keep you centralized and moving toward action.
Tips for finding your key contacts
With your incident response plan in hand, it's time to fill it out with contact information. Matt recommends this four-step plan to find and establish your go-to fraud prevention partner with major enforcement agencies.
- Increase involvement in agency groups:
One of the most important things you can do is to get involved. Join relevant organizations like the FBI’s InfraGard and the Secret Service’s CyberFraud task forces to educate, network, and expose yourself to emerging technologies and threats in cybercrime. This will allow you to create key touch-points across enforcement agencies.
- Swap contact information:
Once you’ve integrated yourself into these organizations, exchange contact information with their members. Connecting with the Secret Service or a member of your local FBI field office proves far more effective than contacting the local police department in addressing fraud incidents.
- Stay informed through industry alerts:
Outside of your groups, be sure to also follow what’s trending in current cybercrime tactics through reports like the FBI IC3 Annual Report. These reports can help you understand fraud hotspots and what federal agencies are seeing at the highest level.
- Maintain regular communication with key partners:
Like any relationship, it takes time and effort to grow. Federal law enforcement agents want to help and work with you, so it's important to get to know them before a crisis arises. O’Neill suggests getting to know them on a personal and professional level so you stay top of mind. “Have a plan, grab lunch or grab coffee with this person, [and] understand the prosecutorial thresholds of their offices,” he shared.
It sounds simple, but demonstrating genuine interest and maintaining regular communication will make all the difference when you need them. With a pre-established relationship, your information will already be on file, and law enforcement will be ready to move if the unthinkable happen.
The benefits of proactive fraud prevention
While having a law enforcement contact for recovery support is critical, Matt also recommends businesses look more upstream to prevent fraud in the first place. You can avoid most fraud attempts with early identity and data verification.
This includes establishing more secure conversations between businesses and individuals. Matt noted that email and basic two-factor authentication like SMS messages can be risky in the face of social engineering tactics like Business Email Compromise (BEC). While multi-factor authentication is a solid initial step in cybersecurity, verifying payments and purchase requests through channels outside of email is essential (2023 IC3 Report).
“I think that there needs to be, as part of duty, care, or responsibility of those that are affecting transactions to make sure that the communication channels for individuals and for businesses are secure," O’Neill emphasized.
Incorporating a solution like CertifID with identity verification features enhances your security and comforts all parties during real estate transactions. This can help you prevent fraud and mitigate risks like seller impersonation.
Take the next step in fraud prevention
With the right plan, and regular, active engagement, leveraging law enforcement will be much easier should you ever fall victim to wire fraud. If fraud strikes, your preparation makes the difference—and your business will certainly benefit from it.
As Matt explained, “Fraudsters will always have the advantage because they are always on the attack, and we are always on the defense. [So], understanding that, and then having…a plan is important.”
For additional discussion with law enforcement, check out insights from our conversation on fraud trends with U.S. Secret Service Investigator Stephen Dougherty.
You can find contact information for local law enforcement agencies specializing in financial crimes on the FBI IC3 site. We also recommend continuous learning through further reading and training programs to enhance your preparedness.
Co-founder & CEO
Tyler brings a decade of leadership experience developing and launching technology businesses. Before co-founding CertifID, Tyler led new product development at BCG Digital Ventures for Mercedes-Benz, First American Financial, Boston Scientific, and Aflac.
Matt O’Neill saw it all in his nearly two decades as a Special Agent within the U.S. Secret Service. Working as a case agent for 18 years, Matt dealt with diverse cases, ranging from network intrusions to financial fraud.
In 2017, after recognizing a growing need to combat cyber threats, Matt helped launch the Global Investigative Operations Center (GIOC). His efforts within the GIOC have stopped billions of dollars from moving through transnational money laundering networks.
Matt O’Neill recently shared his expertise with Tom Cronkright, CertifID’s Executive Chairman and Co-founder in the June edition of the To Catch a Fraudster webinar. They discussed the rising prevalence of fraudulent attacks and the importance of building relationships with federal law enforcement to prepare for such an attack.
As wire fraud grows in scale and complexity in 2024, understanding the scope of these threats and leveraging the resources around you — like law enforcement — is essential. Here are a few tips from Matt to help you build a better partnership with officials and increase your chances of recovery.
The Secret Service's role in fraud prevention
Founded in 1865 within the Department of Treasury, the U.S. Secret Service's (USSS) initial mission was focused on combating counterfeiting, an issue that jeopardized our nation’s financial stability following the Civil War.
Despite expanding its protective role to national leaders, the USSS has strongly focused on its investigative mission in combating financial crimes.
As the financial system has transitioned from paper currency to credit cards and digital information, the mission of the agency has also evolved, directing more attention to the expansion of cybercrimes in the US.
Why deep connections matter
Today, rapid advancements in technology have made the battleground against fraud more complex. Personally identifiable information (PPI) is more easily accessible online, making fraud easier to commit.
Matt recalled how his team would often discover vast amounts of sensitive, private data during their investigations—all for pennies on the dollar.
“I [could] buy your name, date of birth, social security number, mother’s maiden name. I [could] buy all of your PII for probably 5 cents online. These are websites that have been available. That was the reason why your information became available: It has been available—and you just didn’t know it,” he explained.
In addition, most data sharing and fraud prevention methods are often stuck behind regulatory or corporate red tape, enabling fraudsters to move quickly and attack quickly. This is an uneven advantage for fraudsters. As Matt shared, these bad actors aren’t limited by bureaucracy and bandwidth constraints.
“When you look at fraudsters, they are borderless, they are agile, and they are aggressive in their use of new technologies. They communicate and share information with each other on a regular basis,” O’Neill said.
The lack of collaboration between institutions and law enforcement is allowing these crimes to succeed and harm consumers.
In addition, fraud recovery success, Matt explained, is partly dependent on how fast information can be shared with law enforcement.
After 24 hours, the recovery rates typically “dips to single digits.” A pre-established relationship with law enforcement helps ensure faster information sharing and problem identification. In short, everyone needs to make more of an effort to work together and address these fraud vectors.
How to build a stronger relationship with law enforcement
The first step to a better fraud recovery system is to build an fraud recovery plan that houses all your key contacts and actions if fraud strikes. For most businesses, this is known as an incident response plan (IRP).
Your IRP will contain contact information for your key stakeholders from local and federal agencies (more on that below). As Matt explained, these plans should be easy to execute and ideally outline a “red-phone-to-red-phone direct communication setup.” In other words, it should tell you exactly who you need to call in law enforcement—and by when.
Your incident response plan is your emergency document that keeps you and your team organized, so include anything in it that you know is critical for recovery. The moments after realizing that you've been defrauded are often chaotic and emotional, but a written plan will keep you centralized and moving toward action.
Tips for finding your key contacts
With your incident response plan in hand, it's time to fill it out with contact information. Matt recommends this four-step plan to find and establish your go-to fraud prevention partner with major enforcement agencies.
- Increase involvement in agency groups:
One of the most important things you can do is to get involved. Join relevant organizations like the FBI’s InfraGard and the Secret Service’s CyberFraud task forces to educate, network, and expose yourself to emerging technologies and threats in cybercrime. This will allow you to create key touch-points across enforcement agencies.
- Swap contact information:
Once you’ve integrated yourself into these organizations, exchange contact information with their members. Connecting with the Secret Service or a member of your local FBI field office proves far more effective than contacting the local police department in addressing fraud incidents.
- Stay informed through industry alerts:
Outside of your groups, be sure to also follow what’s trending in current cybercrime tactics through reports like the FBI IC3 Annual Report. These reports can help you understand fraud hotspots and what federal agencies are seeing at the highest level.
- Maintain regular communication with key partners:
Like any relationship, it takes time and effort to grow. Federal law enforcement agents want to help and work with you, so it's important to get to know them before a crisis arises. O’Neill suggests getting to know them on a personal and professional level so you stay top of mind. “Have a plan, grab lunch or grab coffee with this person, [and] understand the prosecutorial thresholds of their offices,” he shared.
It sounds simple, but demonstrating genuine interest and maintaining regular communication will make all the difference when you need them. With a pre-established relationship, your information will already be on file, and law enforcement will be ready to move if the unthinkable happen.
The benefits of proactive fraud prevention
While having a law enforcement contact for recovery support is critical, Matt also recommends businesses look more upstream to prevent fraud in the first place. You can avoid most fraud attempts with early identity and data verification.
This includes establishing more secure conversations between businesses and individuals. Matt noted that email and basic two-factor authentication like SMS messages can be risky in the face of social engineering tactics like Business Email Compromise (BEC). While multi-factor authentication is a solid initial step in cybersecurity, verifying payments and purchase requests through channels outside of email is essential (2023 IC3 Report).
“I think that there needs to be, as part of duty, care, or responsibility of those that are affecting transactions to make sure that the communication channels for individuals and for businesses are secure," O’Neill emphasized.
Incorporating a solution like CertifID with identity verification features enhances your security and comforts all parties during real estate transactions. This can help you prevent fraud and mitigate risks like seller impersonation.
Take the next step in fraud prevention
With the right plan, and regular, active engagement, leveraging law enforcement will be much easier should you ever fall victim to wire fraud. If fraud strikes, your preparation makes the difference—and your business will certainly benefit from it.
As Matt explained, “Fraudsters will always have the advantage because they are always on the attack, and we are always on the defense. [So], understanding that, and then having…a plan is important.”
For additional discussion with law enforcement, check out insights from our conversation on fraud trends with U.S. Secret Service Investigator Stephen Dougherty.
You can find contact information for local law enforcement agencies specializing in financial crimes on the FBI IC3 site. We also recommend continuous learning through further reading and training programs to enhance your preparedness.
Co-founder & CEO
Tyler brings a decade of leadership experience developing and launching technology businesses. Before co-founding CertifID, Tyler led new product development at BCG Digital Ventures for Mercedes-Benz, First American Financial, Boston Scientific, and Aflac.
Sign up for The Wire to join the conversation.
Latest articles
