Tag Archives: know your business

Employment Fraudster Lack Of Differentiation

While the fraud fighting companies don’t differentiate themselves, it turns out the fraudsters aren’t differentiating themselves either.

“Gibson Karen.”

Take Gibson Karen, who commented that I should connect a particular person in Gibson’s network.

  • Except that Fibson has no network: 0 connections, 0 followers, and 0 recommendations despite nearly 2 decades in the industry.
  • Fibson’s location? “United States.”
  • The odd first name as last name that doesn’t match Fibson’s perceived sex.
  • The request to contact someone else, not Fibson.
  • The email address of Fibson’s contact? gregory.hopkins@allegisgroupjobs.com. The real URL is allegisgroup, not allegisgroupjobs.
Um…

Don’t they even try any more?

You don’t need 30 years of identity experience to recognize employment fraud when you see it.

KYG, Know Your Government (ICE, CBP, SBCSD, USPS)

I recently cited my 30 years of experience in selling to governments by using the acronym B2G (business to government). This confused the person I was talking to, who had heard of B2B (business to business) but not B2G.

By the same token, you have KYB (know your business) and KYG (know your government).

Two recent incidents in Southern California indicate that some of us are pretty bad at KYG.

El Pendón Estrellado

In case you haven’t been paying attention to the news, a lot of people in Southern California and elsewhere are talking about a portion of the Department of Homeland Security called Immigration and Customs Enforcement (ICE).

Not to be confused with the Queen – David Bowie fan.

I won’t get into the details about why people are paying attention to ICE right now, but let’s just say that when ICE shows up, a crowd gathers.

And that’s what happened at Dodger Stadium this morning when some white vans showed up at the Dodger Stadium parking lot. The Dodgers stated that ICE agents came to Dodger Stadium and that the Dodgers denied them access.

Except that it apparently wasn’t ICE, but Customs and Border Protection, another part of the Department of Homeland Security.

“‘This had nothing to do with the Dodgers. CBP vehicles were in the stadium parking lot very briefly, unrelated to any operation or enforcement,’ Assistant Secretary Tricia McLaughlin said in a statement.”

The Dodgers may be sensitive about things at the moment, since they apparently attempted to persuade Nezza NOT to sing the National Anthem in Spanish recently.

San Ber’dino

But it isn’t just people in Chavez Ravine that assume that white van equals ICE. Take my county, San Bernardino County. Or as former county resident Frank Zappa put it, San Ber’dino.

Recently the Sheriff’s Department made a statement.

[The] department is sending a message to the community following two incidents involving white department vehicles that it says were “targeted” after being mistaken for Immigration and Customs Enforcement units.

“All white vehicles are NOT ICE,” read Thursday’s post on the San Bernardino County Sheriff’s X account….

“We have had two incidents of our sheriff’s department personnel targeted while driving our unmarked units and in one case they were run off the road,” the post reads.

With so many agencies providing law enforcement and homeland security services, it’s understandable that some people could get confused about exactly which agency is at their door. ICE? CBP? The San Bernardino County Sheriff’s Department (SBCSD)?

Don’t forget that the U.S. Postal Service (USPS) also uses white vans (although they’re marked).

So if you’re not careful, the white van that you block may not be trying to send people to El Salvador, but instead may be trying to deliver your Amazon shipment.

Applying Common Sense to Employment Fraud

Jobseekers need to know their potential employer when something about a job opportunity doesn’t feel right. And there are ways to do that.

Trusting the person who says to trust your gut

I’ve previously talked about how common sense can minimize the chances of being fooled by a deepfake.

But common sense can help prevent other types of fraud such as employment fraud, as noted by Rachel Lund, chief risk officer with Sandia Area Federal Credit Union.

“Trust your gut- if it feels off, it probably is.”

But can we trust Lund? 

Using search engines for employment fraud scam research

Let’s look at another tip of hers:

“Research the company: Google “[Company Name] + Scam” and see if anything comes up.”

Although you can use Bing. Google isn’t the only search engine out there.

So I entered “Sandia Area Federal Credit Union Scam” into Bing…and found out about its warnings about scams.

From Microsoft.

As far as Bing is concerned, Scandia Area Federal Credit Union is not a scammer itself.

But Bing (and Google) are old fashioned dinosaurs.

Using generative AI for employment fraud scam research

So I clicked on the tab for Copilot results. (ChatGPT isn’t the only generative AI tool out there.)

From Microsoft.

Well, it’s good to know that a regulated credit union isn’t a scammer.

So credit unions are fine

But what about something with a slightly sleazier reputation…like stuffing envelopes?

From Microsoft.

OK, Copilot isn’t hot on envelope stuffing opportunities. 

So envelope stuffing isn’t fine

But what if we get personal?

From Microsoft.

TL;DR: “That’s not us.”

Know your business. Know your employer.

What is “Know Your Business” (KYB)?

I run in circles that use the acronym KYB, or “Know Your Business.” But I realize that many of you don’t use this acronym every day, so I thought I would explain it.

Let’s say that you encounter a business such as ByteDance or HiveLLM or Lorem Ipsum and you want to know more about it.

There are good reasons to understand a business before engaging with it.

As financial institutions and other businesses have known for years, there are services such as “Know Your Customer” and “Know Your Business” that organizations can use. 

“KYC and KYB let companies make sure they’re dealing with real people, and that the business is legitimate and not a front for another company—or for a drug cartel or terrorist organization.”

Even if you’re not dealing with extremist terrorists, you may want to have a better understanding of where the business is and/or who runs the business. Remembering that the legal owner of the business may not be the one who is actually operating it. For example, the Mob Museum documents the original ownership of the late Tropicana Hotel in Las Vegas:

“Miami hotelier Ben Jaffe (part owner of the Fontainebleau in Miami Beach) owned the land on which the casino would sit, but Conquistador Inc. would build and operate the resort.

“It just so happened that Conquistador’s owner, “Dandy” Phil Kastel, had a long and fruitful partnership with Frank Costello, perhaps the nation’s most infamous gangster in the spring of 1957…. And it almost goes without saying that most ‘Miami hotel men’ who came to Las Vegas in this era were more than familiar with Meyer Lansky, another famous gangland name.”

Unfortunately for Costello, people soon knew HIS business:

“On May 2, 1957, while entering a New York apartment building, Costello was shot and wounded by Vincent “the Chin” Gigante on orders from rival Mafia boss Vito Genovese. Written on a piece of paper found by police inside Costello’s coat pocket was the exact gross win from the Tropicana as of April 27, 1957 — $651,284, less $153,745 in markers (loans to players), with the proceeds from slot machines at $62,844. The note mentioned $30,000 for “L” and $9,000 for “H,” likely money to be skimmed on behalf of Costello’s underworld partner Meyer Lansky and perhaps for Mob-connected Teamsters union boss James Hoffa. It was a big national news story.”

It’s best to know your business BEFORE it’s splashed all over the media.

OneTaste: Know Your (Convicted Forced Labor) Business

If I get my products from my vendor, why do I need to implement Know Your Business (KYB) or Third-Party Risk Management (TPRM)?

Perhaps Compliance Week has a good answer:

“About 27.6 million people around the globe are ensnared by modern slavery, which refers to people being forced to work and losing their freedom due to imprisonment, threats of violence, debt bondage, or retention of their identity papers, according to the United Nations’ International Labor Organization.”

Yeah, but who cares about Third World countries? 

Tell that to the former owners of OneTaste:

“As proven at trial, between 2006 and May 2018, [Nicole] Daedone and [Rachel] Cherwitz obtained the labor and services of multiple young women who had turned to OneTaste for healing and spirituality by coercing them to perform labor, including sexual labor, for the defendants’ benefit.”

Would you want to do business with THAT company?

Although it has undergone an ownership and name change:

“n 2017, Ms. Daedone sold OneTaste for $12 million, prosecutors said. The former OneTaste.us website now directs visitors to The Eros Platform, a community that still promotes it affiliation with Daedone, Cherwitz and and their Orgasmic Meditation practice. The Eros Coaching Collective still advertises a three-session OM training package for $525.”

When HiveLLM Pitches an Anti-Fraud Professional

I received a suspicious email from “Sara Romano,” a “scout” with HiveLLM who wanted me to bid on a biometric content calendar with a budget of “75000” (no currency specified).

HiveLLM has no corporate address, no LinkedIn presence, a website only a couple of months old, and an advertised business model in which you can ask a question for 10 cents.

Oh, and “Sara Romano” also cold emailed Danie Wylie, who also found the pitch sketchy: https://m.facebook.com/story.php?story_fbid=pfbid0nvmhyuLpn3jwMv8K8sbK5EXfS4kcpjfWHicgj4BJhdFLMme87P5fvPSYf9CwjRH7l&id=100001380243595&mibextid=wwXIfr

A clear case of the need for Know Your Business (KYB).

And as you can see, HiveLLM failed a rudimentary KYB check.

But let’s ask some questions anyway.

“Sara, to confirm that HiveLLM is not a fraudulent entity, please provide your corporate address, registration information, and the identities of your owner(s) and corporate officers.”

UPDATE. At midnight Pacific Time, “Sara” sent a long response. Buried toward the end: “I’m unable to provide corporate registration or ownership details.”

When Beneficial Ownership Diverges From Legal Ownership

I recently discussed some proposed changes to the way in which beneficial ownership information (BOI) is collected. However, even after the changes are made, FinCEN will still collect BOI for foreign firms.

Hungary, facial recognition, and geolocation

Biometric Update recently published a story about facial recognition in Hungary, and its use to identify people who display rainbows and dress in ways “that diverge from the gender they were assigned at birth.” I’m going to zero in on one portion of the story: the facial recognition provider involved.

The company FaceKom has been around under different names since 2010 but has seen significant growth during the past few years thanks to investments from the Central European Opportunity Private Equity Fund (CEOM). The fund has no direct links with [Prime Minister Orbán’s son-in-law, István] Tiborcz. However, it is registered on the same address in Budapest where several companies owned by Orbán ‘s son-in-law operate.

Ah, geolocation! The Chi Fu Investment Fund Management Zrt.’s address of record is 1051 Budapest, Vörösmarty tér 2.

And do you know what else is at that address?

A Western Union Currency Exchange.

From https://interchangefx.com/branches/vorosmarty/.

Well, that’s enough to drive some conspiracy theorists crazy.

Beneficial ownership and legal ownership

So I didn’t find the smoking gun, but I do want to take this opportunity to point out what BENEFICIAL ownership is. Investopedia:

A beneficial owner is a person who enjoys the benefits of ownership even though the title to some form of property is in another name.

Using the Hungarian example (without the Western Union part), it’s not enough to say that CEOM and/or Chi Fu Investment Fund Management Zrt. (I don’t know enough Hungarian to confirm they are one and the same) does not list István Tiborcz (or Victor Orbán) as an official owner or co-owner.

As Unit21 points out, you don’t have to literally own (either on your own or through a trust) 25% of an entity to be a beneficial owner. Here’s another criterion of a beneficial owner:

Any individual that holds a significant ability to control, manage, or direct the legal entity

De facto control without de jure control could very well be wielded by a powerful politician, or his son-in-law.

(Imagen 3)

Don’t Know Your Business and Corporate Transparency Act Limited Enforcement (Oh BOI Again)

AuthenticID shared the following:

“In March, the U.S. Treasury Department announced it would no longer enforce the Corporate Transparency Act, the anti-money-laundering law that requires millions of businesses to disclose the identity of their real beneficial owners.”

Not entirely accurate as we will see, but the details are gated. But not at JD Supra:

“On March 26, 2025, FinCEN issued an interim final rule and request for comments, removing the requirement under the Corporate Transparency Act (CTA) for both U.S. companies and U.S. persons to report beneficial ownership information to FinCEN. The rule is effective March 26, 2025. Thus, subject to additional rule changes, U.S. companies and U.S. individuals no longer have to file an initial Beneficial Ownership Information Report (BOIR) or otherwise update or correct a previously filed BOIR.”

As the interim rule itself clarifies, foreign companies still have to report.

“On March 2, 2025, Treasury announced the suspension of enforcement of the CTA against U.S. citizens, domestic reporting companies, and their beneficial owners, and Treasury further announced its intent to engage in a rulemaking to narrow the Reporting Rule to foreign reporting companies only.”

The interim rule itself addresses the convoluted history (one, two, three) of FinCEN’s attempts to enforce anti-money laundering (AML) laws as court challenges persist.

I will let you judge whether this is welcome relief from bureaucracy for American companies, or a huge FinCEN loophole that facilitates AML financial identity evasion by simply letting companies represent themselves as domestic, allowing them to launder as much money as they please for terrorists, drug dealers, and others.

Not that I have an opinion on that.

(Business terrorist image Imagen 3/Google Gemini)

Jobseekers and Know Your (Fill in the Blank)

I’ve noticed that my LinkedIn posts on jobseeking perform much better than my LinkedIn posts on the technical intricacies of multifactor identity verification.

But maybe I can achieve both mass appeal and niche engagement.

Private Equity Talent Hunt and Emma Emily

A year ago I reposted something on LinkedIn about a firm called Private Equity Talent Hunt (among other names). As Shelly Jones originally explained, their business model is to approach a jobseeker about an opportunity, ask for a copy of the jobseeker’s resume, and then spring the bad news that the resume is not “ATS friendly” but can be fixed…for a fee.

The repost has garnered over 20,000 impressions and over 200 comments—high numbers for me. 

It looks like a lot of people are encountering Jennifer Cona, Elizabeth Vardaman, Sarah Williams, Jessica Raymond, Emily Newman, Emma Emily (really), and who knows how many other recruiters…

…who say they work at Private Equity Talent Hunt, Private Equity Recruiting Firm, Private Equity Talent Seek, and who knows how many other firms.

If only there were a way to know if you’re communicating with a real person, at a real business.

Actually, there is.

Know Your Customer and Business

As financial institutions and other businesses have known for years, there are services such as “Know Your Customer” and “Know Your Business” that organizations can use. 

KYC and KYB let companies make sure they’re dealing with real people, and that the business is legitimate and not a front for another company—or for a drug cartel or terrorist organization.

So if a company is approached by Emma Emily at Private Equity Talent Hunt, what do they need to do?

The first step is to determine whether Emma Emily is a real person and not a synthetic identity. You can use a captured facial image, analyzed by liveness detection, coupled with a valid government ID, and possibly supported by home ownership information, utility bills, and other documentation.

If there is no Emma Emily, you can stop there.

But if Emma Emily is a real person, you can check her credentials. Where is she employed today? Where was she employed before? What are her post secondary degrees? What does her LinkedIn profile say? If her previous job was as a jewelry designer and her Oxford degree was in nuclear engineering, Emma Emily sounds risky.

And you can also check the business itself, such as Private Equity Talent Hunt. Check their website, business license, LinkedIn profile, and everything else about the firm.

But I’m not a business!

OK, I admit there’s an issue here.

There are over 100 businesses that provide identity verification services, and many of them provide KYC and KYB.

To other businesses.

Very few people purchase KYC and KYB per se for personal use.

So you have to improvise.

Ask Emma Emily some tough questions.

Ask her about the track record of her employer.

And if Emma Emily claims to be a recruiter for a well-known company like Amazon, ask for her corporate email address.

(Image from Microsoft Copilot)