Is a third party’s use of encrypted email services a safeguard or a red flag?

View Summary

Raw Text

Get Published in Fraud Magazine

menu

Home

Current Issue

Topics Topics Case Studies Audit Data Analytics Accounting Profiles Investigation Health Care Career Global

Archive Archive Online Exclusives Past Issues CPE Quiz Videos

Resources Resources White Papers Advertise Reprints

About About Subscribe to Fraud Magazine About ACFE Membership Get Published

subscribe

Log In

Current Issue

Topics Case Studies Audit Data Analytics Accounting Profiles Investigation Health Care Career Global

Archive Online Exclusives Past Issues CPE Quiz Videos

Resources White Papers Advertise Reprints

About Subscribe to Fraud Magazine About ACFE Membership Get Published

Featured Article

Global organizations employ thousands of suppliers and vendors to get their business done, so they need to use the latest investigative tools of third-party due diligence (TPDD). Here we examine how we can use TPDD to discover how suspicious third parties can use email encryption services (and corresponding primary email addresses) to mask illegal activities and steal valuable data.

January/February 2024

By Antonio Rossi, CFE, and Lucrezia Tunesi

The new textile startup company, FabricFibre, worked with several third parties to produce their clothing lines. Its internal auditors stressed to the executives that it should conduct extensive “third-party due diligence” (TPDD) to verify the transparency and reliability of the external companies. So, FabricFibre thoroughly investigated via open sources (paid and unpaid) its more than 100 suppliers’ corporate chains, profitability, reputations, viability and other criteria.

The company, guided by savvy leaders, determined that the prospective suppliers employed email encryption services (EES), which many upright organizations use to foster anonymity and security in communications. However, criminal groups can also use EES to conceal their illicit activities and obstruct investigations. And they can link their primary email addresses to EES services to avoid detection. FabricFibre delved deeper and found that two of its suppliers had some suspicious roots. The company gave those firms a wide berth, and probably saved itself a lot of money and grief.

For full access to story, members may sign in here.

Not a member? Click here to Join Now.

Or Click here to sign up for a FREE TRIAL.

Related Articles

Lourdes C. Miranda, CFE

Throughout her career investigating financial crimes — first in the CIA and FBI and now in the private sector — Lourdes Miranda found that understanding human behavior is instrumental to cracking cases. She now urges fellow CFEs to balance technology with human intelligence in their investigations and learn everything they can about cryptocurrency and blockchain.

Detecting document fraud

Cases of document fraud, including check fraud, have exploded in recent years. The authors explain what’s behind the proliferation of this age-old scam and the modern technology CFEs can employ to stop it in its tracks.

Sleuths on the cyber trail

Andy Greenberg, the award-winning WIRED reporter, talks about his latest book on bitcoin tracing and how law enforcement still has the upper hand in its fight against cyberfraudsters and other criminals on the dark web.

November/ December 2023

View the Issue

Digital Edition

Log in

Member Services

Advertise

Archive

Morgan Stanley’s cybersecurity expert Rachel Wilson explains how cybercriminals infiltrate mobile devices with malware

Watch Rachel Wilson, head of cybersecurity at Morgan Stanley, discuss cybercriminal syndicates and how they use malware to infiltrate mobile device security at the 33rd Annual ACFE Global Fraud Conference in Nashville, Tennessee. View the video .

Sign up for a free 30-day trial

July/August 2023 Issue

Fact finder

On the brink of collapse

Banks cratering because of poor risk management

Detecting document fraud

The rise of employment scams in the digital age

View entire issue

May/June 2023 Issue

Tracking truth

The home front

Is ChatGPT the newest gateway to fraud?

Fraud lessons from the 'killer nurse'

The enemy within: Betrayal of leaders

View entire issue

March/April 2023 Issue

Taming fraud in crypto's Wild West

Sleuths on the cyber trail

When subjects admit guilt but they're innocent

Fraud in reconstruction: What awaits Ukraine?

Discount fraud

View entire issue

January/February 2023 Issue

The Medicare disadvantage

Thwart procurement fraud

Battling fraudulent product substitution

What can CFEs learn from private investigators?

5 most scandalous fraud cases of 2022

View entire issue

November/December 2022 Issue

Fraud and the North Korean cyberthreat

Navigating the choppy waters of internal whistleblowing

Pirates of the North Atlantic

Catching health care fraud with statistical graphics

A matter of trust

View entire issue

contact us

press room

advertise

acfe bookstore

events & training

privacy policy

Subscribe

ACFE Insights

The Fraud Examiner

Fraud Talk

Privacy Policy   Do Not Sell My Personal Information

Single Line Text

Get Published in Fraud Magazine. menu. Home. Current Issue. Topics Topics Case Studies Audit Data Analytics Accounting Profiles Investigation Health Care Career Global. Archive Archive Online Exclusives Past Issues CPE Quiz Videos. Resources Resources White Papers Advertise Reprints. About About Subscribe to Fraud Magazine About ACFE Membership Get Published. subscribe. Log In. Current Issue. Topics Case Studies Audit Data Analytics Accounting Profiles Investigation Health Care Career Global. Archive Online Exclusives Past Issues CPE Quiz Videos. Resources White Papers Advertise Reprints. About Subscribe to Fraud Magazine About ACFE Membership Get Published. Featured Article. Global organizations employ thousands of suppliers and vendors to get their business done, so they need to use the latest investigative tools of third-party due diligence (TPDD). Here we examine how we can use TPDD to discover how suspicious third parties can use email encryption services (and corresponding primary email addresses) to mask illegal activities and steal valuable data. January/February 2024. By Antonio Rossi, CFE, and Lucrezia Tunesi. The new textile startup company, FabricFibre, worked with several third parties to produce their clothing lines. Its internal auditors stressed to the executives that it should conduct extensive “third-party due diligence” (TPDD) to verify the transparency and reliability of the external companies. So, FabricFibre thoroughly investigated via open sources (paid and unpaid) its more than 100 suppliers’ corporate chains, profitability, reputations, viability and other criteria. The company, guided by savvy leaders, determined that the prospective suppliers employed email encryption services (EES), which many upright organizations use to foster anonymity and security in communications. However, criminal groups can also use EES to conceal their illicit activities and obstruct investigations. And they can link their primary email addresses to EES services to avoid detection. FabricFibre delved deeper and found that two of its suppliers had some suspicious roots. The company gave those firms a wide berth, and probably saved itself a lot of money and grief. For full access to story, members may sign in here. Not a member? Click here to Join Now. Or Click here to sign up for a FREE TRIAL. Related Articles. Lourdes C. Miranda, CFE. Throughout her career investigating financial crimes — first in the CIA and FBI and now in the private sector — Lourdes Miranda found that understanding human behavior is instrumental to cracking cases. She now urges fellow CFEs to balance technology with human intelligence in their investigations and learn everything they can about cryptocurrency and blockchain. Detecting document fraud. Cases of document fraud, including check fraud, have exploded in recent years. The authors explain what’s behind the proliferation of this age-old scam and the modern technology CFEs can employ to stop it in its tracks. Sleuths on the cyber trail. Andy Greenberg, the award-winning WIRED reporter, talks about his latest book on bitcoin tracing and how law enforcement still has the upper hand in its fight against cyberfraudsters and other criminals on the dark web. November/ December 2023. View the Issue. Digital Edition. Log in. Member Services. Advertise. Archive. Morgan Stanley’s cybersecurity expert Rachel Wilson explains how cybercriminals infiltrate mobile devices with malware. Watch Rachel Wilson, head of cybersecurity at Morgan Stanley, discuss cybercriminal syndicates and how they use malware to infiltrate mobile device security at the 33rd Annual ACFE Global Fraud Conference in Nashville, Tennessee. View the video . Sign up for a free 30-day trial. July/August 2023 Issue. Fact finder. On the brink of collapse. Banks cratering because of poor risk management. Detecting document fraud. The rise of employment scams in the digital age. View entire issue. May/June 2023 Issue. Tracking truth. The home front. Is ChatGPT the newest gateway to fraud? Fraud lessons from the 'killer nurse' The enemy within: Betrayal of leaders. View entire issue. March/April 2023 Issue. Taming fraud in crypto's Wild West. Sleuths on the cyber trail. When subjects admit guilt but they're innocent. Fraud in reconstruction: What awaits Ukraine? Discount fraud. View entire issue. January/February 2023 Issue. The Medicare disadvantage. Thwart procurement fraud. Battling fraudulent product substitution. What can CFEs learn from private investigators? 5 most scandalous fraud cases of 2022. View entire issue. November/December 2022 Issue. Fraud and the North Korean cyberthreat. Navigating the choppy waters of internal whistleblowing. Pirates of the North Atlantic. Catching health care fraud with statistical graphics. A matter of trust. View entire issue. contact us. press room. advertise. acfe bookstore. events & training. privacy policy. Subscribe. ACFE Insights. The Fraud Examiner. Fraud Talk. Privacy Policy   Do Not Sell My Personal Information.