Shell Companies Eyed In Fraud At Aegean Marine

Payments fraud on the high seas, perhaps, as a global shipper may have been involved with fake transactions and shell companies. Elsewhere, ransomware gets a roadblock and procard misuse goes to school, literally.

The shell game is one where sleight of hand causes one to lose their shift. So it is in the business world, where shell games of a different sort can wreak havoc on a victim’s corporate coffers. News came Thursday (Nov. 1) that a probe by international auditors is underway, examining a fraud that could be $200 million in scope at Aegean Marine Petroleum Network, tied to shell companies that ostensibly did business with the shipping fuel firm.

The Financial Times (FT) reported that the auditing team from EY has come at the direction of hedge funds based in the United States that are on the Aegean board. The investigation comes on the heels of news in June that as much as $200 million in receivables had been “without economic substance.”

Under examination in the probe, said FT, is whether four “shell” companies — listed in Florida, the Marshall Islands and the United Arab Emirates (UAE) — set up transactions that were used to siphon off funds. The auditors are also examining the shipping fuel firm’s relationship with Oil Tank Engineering and Consulting, a Marshall Islands-based company that had a contract in place stretching back to 2010, focused on building a fuel supply terminal. The project took four years to complete, FT said, having overrun its budget by approximately $100 million. Bank statements have shown that payments to Oil Tank continued for years after the terminal’s completion.

The Email Scam Lures More Victims

A U.K. survey, conducted by the Nationwide Building Society, found that across 2,000 individuals surveyed, more people would be at risk for victimization through email fraud than for other rogue activities. As many as 28 percent said they would proceed with requests for payment done via email and would not call suppliers to confirm the transactions. Only 5 percent would pay someone who showed up at their home offering trade services that needed to be “urgently” performed on the residence.

The Nationwide data found, too, that 22 percent of those aged 55 and over would not check an email invoice before paying the would-be supplier by phone. That tally bumped up to 37 percent for those aged 25 to 34, who would not check the bona fides of an email.

A Bit Of Victory

Separately, in what might be seen as a victory in the fight against payments fraud, a decryptor was developed by a collaboration between Bitdefender and enforcement agencies as far ranging as the Romanian police, the FBI and Europol. The decryptor, which stems from that joint effort and is offered for free, looks to battle GandCrab, a ransomware that has been able to defraud victims of more than $500 million this year alone.

In stats this month, just after the decryptor’s debut, it has been able to aid 1,700 would-be victims in getting their files back — and avoid $1 million in ransom payments. As noted via the U.K.’s Enterprise Times, the ransomware has allowed for customized ransom notes that can target individuals and enterprises, and demand ransom that is specific to the data that has been hijacked. Bitdefender noted that more than 600,000 individuals were infected in just the last 10 months, and of the $500 million in ransoms mentioned above, $300 million came in just the last two months. The ransoms themselves have spanned $600 to $700,000.

Procards Get Auditor’s Scrutiny

In individual instances of fraud and improper payments, a state audit of the University of Massachusetts found that university employees made more than $17,400 in improper purchases wielding university credit cards. The audit covered the period of July 1, 2014 to Dec. 31, 2016, as well as spending tied to procurement cards, more colloquially known as “procards,” across an examination of 165 transactions totaling $60,505.

Of that number, 59 were tied to gift cards, memberships, IT equipment and furniture. Those items, per the auditor statement, were not allowed under the university’s procard policies.