Insider Fraud: The Enemy Within | “What The Fraud?” Podcast

THOMAS TARANIUK: Hello dear audience, and welcome to another episode of What The Fraud?, a podcast by Sumsub where digital fraudsters meet their match. I’m Thomas Taraniuk, currently responsible for some of our very exciting partnerships here at Sumsub, the global verification platform helping to verify users, businesses, and transactions as well. When we talk about the risk of fraud to a business, it doesn’t always come from hackers or outsiders. It often starts inside the building.

Insider attacks can cost companies a lot, and in 2024 alone, the average cost of an insider attack was 17.4 million USD. But there’s also a cost in trust and reputation.

In this episode, we’re diving into insider fraud—the kind that comes from within your organization. Whether it’s a trusted employee, a contractor, or even an executive. These attacks can cause financial damage and destroy trust. We’ll also be exploring how to build a culture and secure internal systems that protect the bottom line without killing trust. Helping us do that is a very special guest: Marc Evans, the founder of Fraud Hero. Marc is a certified fraud examiner, law enforcement officer, and a seasoned ally in the battle against fraud.

With over a decade of experience investigating fraud and financial crime, Marc’s personally led the charge on more than 500 fraud cases—from modest scams to multi-million dollar conspiracies. He’s worked alongside law enforcement agencies, financial institutions, and major corporations to uncover the truth.

Let’s go back to the beginning of it all. Investigating fraud, of course, is now a major part of your life. But how did you get here? And actually, what made you want to become a fraud investigator?

My journey to becoming a fraud investigator

MARC EVANS: Well, first, Tom, thank you for having me on the show. I really appreciate it. Fraud is a passion of mine. What got me started originally was I had a passion for puzzles. I never saw myself—even growing up as a kid—going into law enforcement. And it wasn’t until probably right after high school, beginning of college, when I made that choice.

But I always loved puzzles, and I figured if there’s one way for me to do the biggest puzzles, it’s fraud—because it goes into so many different areas and avenues. Then I decided to become an officer, and while I was going through the process to join law enforcement—the background process—I actually found out that I was a victim of identity theft.

So during the background process, when you hire on to be a police officer, they check everything. They check your credit score, your criminal history—anything like that. They want to make sure that you’re going to be a good candidate. I checked my credit report, and it showed that I had an account in another state that I had no idea about.

One of the things that can hinder you from joining the department is if you have something that’s in collections or in debt collections. So for me, I almost lost an opportunity for the career that I was looking forward to. And that kind of pushed me even further to want to dive in and investigate fraud, because I figured: if this can happen to me, this can happen to anyone who’s trying to maybe get their dream job, their dream home, the dream car that they want—and some criminal will stop them from being able to do that.

THOMAS TARANIUK: Oh, absolutely. What do we mean when we talk about employee fraud, also known as, of course, insider fraud? What are the sorts of frauds that are becoming more prominent? And why do you think that’s the case, Marc?

Which types of insider fraud are becoming more prominent in 2025?

MARC EVANS: Well, when it comes to insider fraud—that’s essentially embezzlement, as some people call it—it’s when someone you trusted within your organization, usually an employee or maybe an executive member, uses company resources or conducts fraudulent transactions through several means in order to benefit themselves. They’ll pay themselves more than what they’re supposed to get, pay their friends more than what they’re supposed to get paid, or they’ll use company resources for their own personal gain.

THOMAS TARANIUK: Super interesting. But in your experience, how can organizations distinguish between intentional wrongdoing and honest mistakes? And what do you think are the warning signs to look out for?

Fraud or mistake? How businesses can tell the difference

MARC EVANS: The first thing you want to do is look out for patterns. And that’s not the one-off situations where something unusual happens—maybe a check was misdistributed somewhere or there was a frozen payment. That’s a one-time thing, right? You’re looking for consistent transactions, activities, or behaviors that happen over a period of time, which indicate something is going on.

So, there are some common red flags. One of the red flags I normally see when it comes to embezzlement or insider fraud is that the employee starts living beyond their means. You have someone who’s making $40,000 or $50,000—or £40,000 or £50,000 in some cases—and all of a sudden they’re driving a car worth $100,000 or $150,000. And so you’re not sure—okay, where did that come from?

Another red flag you’ll see is someone who suddenly has all this extra money but doesn’t want to take vacations. So they have a lot of money, but when someone says, “Hey, take your two weeks’ vacation,” or “Take some time off,” they’re holding on to the job and saying, “You know what? This job can’t function without me.” They start giving all these excuses as to why they can’t take that vacation.

That’s one of the patterns you want to look out for—why don’t they want someone else to look at what they’re doing? Most insider fraud is caught that way. It’s usually caught when the person leaves the job, someone else takes over, and they’re reviewing all of their procedures and go, “Okay, this is not something we normally do. Why is this person doing it this way?” And that’s usually when fraud is uncovered.

Suggested read: The Top-6 Most Common Employee Frauds—How to Minimize Internal Fraud

THOMAS TARANIUK: When we’re looking at these types, is it the case, Marc, that it often is a repeated offense, right? A fraudster won’t attack once—they attack multiple times and at multiple points. And your point about only finding out after the fact is super interesting. Would you be able to tell us a little bit more about that as well?

Is employee fraud often a repeated offense?

MARC EVANS: They’ll do it multiple times without getting caught. Usually, most fraudsters who are committing insider fraud—it’s not their first time, it’s just the first time they’ve been caught doing it. And they have no criminal history or they’ve never been arrested for it, but they’ve been doing it for a good amount of time.

On average, what I usually see is around 18 months before the fraud is caught. So you have a year and a half before someone even knows that fraud is happening. And sometimes that’s not the case because some people don’t have internal policies to even look over those types of things. But yes, they’re definitely doing it more than once.

It starts off small. When they do start, it’s usually very small—like little payments. I’ve seen situations where it goes from, “Hey, let me try a couple of hundred dollars,” and then over time it becomes, “Okay, let me try a thousand,” then “Let me try five thousand.”

To the point where I’ve seen, in a matter of a month, it goes from $3,000 stolen to over $100,000 stolen per month, for several months at a time. That’s usually the pattern I see when it comes to embezzlement.

THOMAS TARANIUK: Often or not, it might be baby steps, right? Everyone’s a little bit fearful at first, but if they get away with it—and once they realize they can—they feel invincible. But often or not, that can also be the downfall, right?

So in 2024, 83% of companies reported internal fraud, and one in five companies said it cost them between $1 and $2 million to recover from a scam. From your perspective, is insider fraud actually increasing, or are the scams just getting more sophisticated and harder to detect?

Is insider fraud on the rise—or just getting harder to detect?

MARC EVANS: They’re definitely increasing. One reason is that after 2020, we went through the whole pandemic and a lot of businesses were shut down and forced into remote work. So remote work became more of a norm. And that became a norm especially for people who are in charge of money—think of accountants, bookkeepers—where companies figured these people didn’t have to be in the office while carrying out their workload.

So with the absence of someone being able to watch over them, they feel they can get away with more. Because of that, I’ve seen an increase in insider fraud and embezzlement across the board—not just in frequency but in the amount stolen as well. Since they’re working from home, it’s become a lot harder to detect, a lot harder to find.

You’re not seeing the usual patterns, such as living beyond their means, because they’re not coming into the office. You’re not seeing them drive the fancy car. You’re not seeing them take extravagant vacations—unless they’re posting it on social media or something. All those little indicators aren’t being seen. And even if they do take a vacation, they just put their position on hold for a little bit and continue working unusual hours. When you’re working remotely, you sometimes don’t have fixed hours. Some businesses say, “As long as you do your 8 to 10 hours throughout the day and you’re logged in, that’s fine,” instead of, “You’re in the office from 9 to 5,” or “8 to 5,” or whatever it may be. Now they can work odd hours. So the red flag of unusual working hours or secrecy doesn’t take effect either.

Companies are missing all these patterns they would normally catch in an office setting. I’m not saying everyone needs to go back to an office—some remote work is great—but for some positions, especially those dealing with money and company resources, I think they should probably be in an office.

How easy is it to carry out fraud when you’re not in person at the office?

THOMAS TARANIUK: Definitely. How much easier do you reckon it is to carry out fraud—or insider fraud—when you’re not in person in an office? You mentioned some roles might be different, etc. But nowadays, even in our company, everyone pretty much is working from home besides some major offices.

MARC EVANS: It’s become a lot easier, because you can not only do remote work within the same area where the business is located. Here in the US, I can be in another state working remotely for a business that’s headquartered elsewhere. So you may have an accountant that works five states away. They have no oversight. No one’s checking their work. And it’s not until something happens that it’s discovered.

I’ve seen cases amounting to almost $2 million over a span of 11 to 12 months, simply because the person had no oversight.

I’ll give you an example. I once worked a case where there was a remote accountant. It was a small business that had grown into a small-to-medium-sized business. It was experiencing some growing pains, and with those come more money to manage—more contractors, more vendors. And this person knew that that was the case. So what this person ended up doing was they used a combination of synthetic identity fraud, and they created fake businesses or fake names or fake vendors. They opened up bank accounts using those fake vendor names. So when they were sent payments to these accounts, it didn’t look weird. It looked like they were paying another vendor.

And it wasn’t until someone started looking into it and said, “Wait a minute, this actually isn’t one of our vendors. It’s a very similar name, but it’s not one of our vendors.” And when they asked the accountant about it—that’s when the accountant gets weird.

Suggested read: KYB (Know Your Business) Verification Guide of 2025

And this is one thing I see in every single instance of fraud or embezzlement: the moment the person is caught or feels like they’re caught, they quit. Every single time. All of a sudden, they start sending in emails and messages and give ten reasons.

I had one case where a girl gave five different reasons in a matter of 30 minutes, it went from a flat tire to someone trying to kill her boyfriend. It was across the board—lots of random things.

But with this case, where the person created all these fake vendors—it wasn’t until they saw one of the fake vendors and asked the person. All of a sudden, the accountant quits, and then they do the internal audit. And through their audit, they discovered, “Wait a minute. This person, over time, has stolen over $1 million from us.” They had no idea. Now, it’s kind of a big business—they’re doing well if they can be missing $1 million and not catch it right away. But you don’t want to lose that trust and reputation with your clientele either.

Remediation process

THOMAS TARANIUK: Marc, what’s the remediation process like specifically for this? If they do quit their job because they have a hunch that their tricks are up, is it the case that maybe they get away with it for 6 or 7 months? And then of course, you have to track them down in another state?

MARC EVANS: Yeah, that definitely happens. There are usually two ways this goes.

1. There’s the civil route, where they will sue the person and try to get their money back through legal means.
2. There’s the criminal route, where they file a report with the police, and law enforcement will track this person down.

We do an entire investigation. That includes a lot. As a detective, I’m signing subpoenas or requests to banks, getting a ton of information from the business.

With internal fraud, what makes it so complicated is, as a detective, I don’t completely understand how your business operates. So, you have to explain to me exactly how your business works, where the funds are supposed to go, and how the transactions are supposed to occur.

I have to know which transactions are legitimate and which ones are fraudulent. After gathering all that information, I have to determine: is the person who was accused actually responsible? Is this true internal fraud, or was it a mistake? Because the last thing I want to do is go after someone who simply made an accounting mistake.

Maybe there’s a glitch in the system—but usually, someone doesn’t quit their job over that. In these cases, you want to make sure you’re going after the right person. So, we gather the information, and once we figure out there’s enough to go after them, then we move forward.

THOMAS TARANIUK: I can imagine it takes a long time to pursue it in both cases, right? Because you’re potentially pursuing it across different states. And within the UK specifically, we’ve seen a massive rise in this. There have been some major cases and some major breakthroughs—like the Postal Service one—where wrongfully indicting people can lead to severe consequences, right?

People taking their own lives, losing their savings, going to jail. This happened to hundreds of people. But often when it is nefarious action—when the employee means to take advantage of the trust placed in them—do they actually plan that far ahead? Or do they just seize opportunities as they arise?

I guess what I’m asking is: what’s the psychological tipping point where they say, “I’m going to be a fraudster,” and then continue to push it?

The psychological tipping point: What drives someone to become a fraudster?

MARC EVANS: It’s not usually something that’s planned ahead, at least in most of the cases I’ve seen. Especially internal fraud. It’s usually a crime of opportunity, and there are a couple of things that fuel that.

One is economic pressure. They might be thinking, “Times are rough. I don’t know how I’m going to pay my bills. I have to buy groceries, my house, childcare. I don’t make enough money.” Then they see an opportunity: “I have access to a lot of money. Maybe if I just take a little bit now, I’ll pay it back later.”

But what ends up happening is they see that no one caught what they were doing, so, they think, “Maybe I can take a little more.” Now they can buy some new clothes, go grocery shopping. Then it escalates: “Maybe I can buy a new car. Maybe I can pay off my house. Maybe I can take my kids to Disneyland.”

I’ve seen a lot. And since these cases can take a long time to build—to gather all the information needed—they may have acquired another job in the meantime. In one case, before I could get someone to court for the first incident, they had already done it two more times.

THOMAS TARANIUK: Jesus. Double dipping.

MARC EVANS: Oh, triple dipped. The first time she got caught, she wrote a check before even getting her first paycheck. By the time the case moved forward, she had already started working at a restaurant. She was given the power to handle accounting and bookkeeping—sign checks, write amounts. And she was writing checks to herself and her roommates. As soon as she got caught, she admitted it. She even wrote a confession letter. Of course, she was terminated. But by the time that case moved forward—maybe a year later—she was working for another company.

Suggested read: Psychology of a Fraudster

The craziest thing? Four days before she was supposed to be sentenced, I got another case. She had done it again. Luckily it came to me. I had to contact the district attorney and say, “I know court is on Tuesday, but she’s done it again. What do I do?” So I had to expedite getting the bank documents—everything I could—before those four days were up.

The DA was then able to say, “This person hasn’t learned their lesson. She’s done it again. We need a harsher sentence.”

Usually, these people don’t stop. Especially with embezzlement—they just go to another business and do it again.

And here’s the last caveat: that woman ended up doing a year in jail. She got out, went to another state, and did it again. I know this because the detective in that state called me after checking her history.

THOMAS TARANIUK: Wow. A repeat offender. A serious case, but that’s exactly what I was asking—about the psychology of these fraudsters. With insider fraud, if you don’t catch it early, they can repeat the offense. From your perspective, Marc, what role do internal audits or finance teams usually play—or fail to play—in catching this kind of activity?

What role do internal audits play in identifying internal fraudsters?

MARC EVANS: Early policies and company culture are probably the biggest factors when it comes to internal fraud. There’s usually a lack of policy, and the culture doesn’t encourage whistleblowing. But the biggest one is a lack of oversight.

Too much trust is given to one person, and there’s nothing in place to automatically flag red flags or patterns. For example, if there’s refund fraud, there might be no system showing, “Hey, this one employee is approving a lot of refunds.”

Also, employees might see fraud happening but fear coming forward because they might get in trouble—just for witnessing it. I’ve seen someone get fired for reporting another employee’s fraud. That’s a culture problem. It sends the message, “If I speak up, I’ll get fired.” That’s the last thing you want in your business.

THOMAS TARANIUK: So, we’ve been talking today about how insider fraud isn’t just a theory—it’s very real and a serious threat inside companies today. We don’t just study fraud—we work directly with those who fight it. That’s why we’re hosting the What The Fraud Summit in Singapore on November 19 and 20. Learn more here:

Welcome back, Marc. Let’s now look at what we can do to stay safe. The latest report from the Association of Certified Fraud Examiners, or ACFE, found that 85% showed red flags in their behavior. From your perspective, what are the most overlooked internal controls companies should use to detect these?

What are the most overlooked internal controls companies should use to detect internal fraud?

MARC EVANS: The first one is segregation of duties. If someone is in charge of writing checks, someone else should distribute them—or oversee payments. Or if a payment is made, someone else should double-check it.

Another is outdated fraud detection systems. AI is everywhere now, and it can be very useful for recognizing patterns and large amounts. Even without AI, you can set alerts—like if a transaction exceeds $10,000, it must be reviewed before approval.

If companies don’t have that kind of system in place, they’re going to lose money at some point.

THOMAS TARANIUK: Absolutely agree. From the perspective of tools or anti-fraud systems, where have you found most tools fall short when you’re investigating actual fraud cases?

Where most anti-fraud tools fall short during real investigations

MARC EVANS: It’s a double-edged sword. Tools are great—they’re put in place to help us catch red flags. But overreliance on tools without proper training for the people using them is a major issue.

If you have an alert system but don’t train employees on what to do after a red flag is raised, you’ve failed. You need both the tool and the human behind the tool to make it effective.

This can be a double-edged sword. Tools and technology are valuable resources—they’re designed to help us detect issues and flag potential fraud. But when organizations become overly reliant on these tools and neglect the people using them, that’s where problems arise. One of the biggest failures I see is the lack of proper training. If employees don’t understand what to look for or what actions to take once a red flag is triggered, the technology alone won’t be enough.

Suggested read: From Panic To Expertise

Take, for example, a system that flags transactions over $10,000 or $50,000—whatever the set threshold may be. If no one actually reviews those transactions with due diligence and simply checks a box because they trust the system to catch anything suspicious, they’re putting the company at risk. Over time, this complacency creates vulnerabilities.

It’s essential not only to keep your technology up to date but also to ensure your people are well-trained and engaged. Without that balance, the effectiveness of even the best tools is limited.

And it’s not just about internal fraud. In many recent cases, we’re seeing threats that appear internal but are actually external—things like social engineering attacks, where employees are manipulated into acting against the organization’s interests. These can be even more damaging because they blur the lines between internal mistakes and external threats, making detection and response even more complicated for businesses.

THOMAS TARANIUK: Absolutely. And I mean, with phishing attempts becoming that much more realistic, I can imagine tech literacy is a huge, huge—let’s say—area of improvement for a lot of these companies, which are moving into the digital age now, especially. And when it comes to insider fraud, Marc, it’s about a huge breach of trust between the organization and the individual as well.

But that trust goes both ways. Can some fraud detection tools actually harm trust inside of a company? And from your perspective, how do you make sure monitoring does not actually damage team morale?

Can fraud detection tools damage trust within a company?

MARC EVANS: Well, to answer the first part—can it hurt businesses? Maybe it can hurt businesses in the time frame it takes to complete a transaction. So if you’re concerned about the experience of getting payments done, maybe getting payments out to your vendors, maybe receiving payments from your vendors, it could hurt in that way too, where you have to slow down the speed in which you’re accruing revenue. And if you’re a publicly traded company, I mean, that could hurt you as far as quarterly earnings or whatever it may be. Your earnings may seem less than what they actually are, because you’re doing more due diligence to make sure that everything is correct.

And as far as hurting morale—maybe some employees may feel that the processes are now taking too long. Or maybe they feel like they’re being micromanaged while doing their job, especially the good employees. And most—99%—of employees are good employees. It’s the 1% that hurts. And maybe the 99% of employees are feeling, “Hey, they’re just monitoring me because they think I’m doing something wrong.” And now you end up with this animosity between executive members and the employees that they supervise.

But you want to have a top-down approach and be able to explain why these things are happening. So if you’re in an executive position, you want to be able to explain why you’re changing procedures and policies and the benefits that it’s going to have—instead of just saying, “This is what we’re doing, whether you like it or not, and get it done.”

Because now that could be said, “Well, I just want to know why. If you explain to me why, and I understand and agree with it, I have no problem doing it.” And most employees—that’s what they do. They have no problem doing it. It’s the lack of information that they get when they have to put in new policies and procedures.

THOMAS TARANIUK: 100%. And from the perspective of employees, let’s say in large companies, I’m sure that most wouldn’t want a Big Brother which implements new, novel things, doesn’t tell them why, and they have this feeling that they’re always being watched, right? Because that adds that fear element too—it adds that, “Okay, we’re going to lead by fear,” an example of, “If you don’t stick to your lane, there might be some repercussions” as well.

I mean, we’ve talked about this on—I mean—the wider US basis, right? But is it very much the case that this could be based on industry, based on company size, based on state, or any other factors which could determine these types of insider frauds?

Factors that contribute to insider fraud occurring

MARC EVANS: I haven’t seen a separation, because it happens in every industry. I’ve seen it happen for restaurants. I’ve seen it happen for major hotels and casinos. I’ve seen it happen for car dealerships and car rental companies. It is across the board and can affect any business. So I don’t want people to think, “Well, we’re a major business, and we’re in a better position and we have better means and better technology, so this won’t happen,” or for a smaller business to go, “Hey, we only have five employees, so I have to trust this one person to do all these things.”

You still have to take that due diligence, whether you’re a small company or a big company, to put those policies and procedures in place. Otherwise, you can lose money to the detriment of your company. And now maybe your company is closing down—whether you’re big or small.

THOMAS TARANIUK: I completely agree with you there. We’ve looked at insider frauds—and from the perspective of, let’s say, trends, where do you see it going in 2025 to 2026 and beyond?

Trends of insider fraud 2025-2026

MARC EVANS: With insider fraud, one of the things that I see going forward is the use of synthetic information or synthetic ID information to commit the fraud. If you have someone who plans it out, maybe they use a synthetic ID that they’ve created to get hired by a company. So their entire purpose for getting on with the company would be to defraud the company, commit internal fraud, and maybe disappear.

And now, since they’ve used synthetic information—such as maybe a fake name, fake Social Security number, or fake date of birth—you really don’t have an idea of who this person really is when they do up and leave. And then also the use of synthetic information when it comes to committing the fraud: maybe they’ve created ghost employees, and the ghost employees aren’t real. Or maybe they’re a combination of real people.

And so not only is your business a victim, but now you may have actual people who have had their identities stolen, and they are additional victims. And so now it broadens that out. So the use of that is going to be big. And then protecting information—I’ve seen a lot of insider fraud that doesn’t result in maybe the company losing money immediately.

I’m thinking of something that I’ve dealt with in terms of banking and financial institutions, where now we see a lot of information that gets leaked from data breaches—credit card information, bank account information, all that stuff becomes available on the dark web, on Telegram, and other places. But they don’t realize that it’s an internal theft that’s happening—maybe one of their employees who was inside is stealing this information and giving it to other fraudsters to use or using it themselves.

And now, while the business may lose some money, the bigger thing they’re going to lose is reputation. Because now you have customers and clients who are saying, “I can’t trust you with my information because it’s being leaked by one of your employees,” and then I’m being a victim of fraud elsewhere. So they have to look at it from that sense.

THOMAS TARANIUK: I can see that. Monetary implications can also come down much further down the line, right? As you said, it might not initially be fiscal in terms of the explosion around a fraud case, etc., but the reputational damage is something that sticks within a lot of minds and hearts today. And when we’re talking about these data leaks—SSNs specifically in the US—of course, there was an issue there with access to this sort of data. But AI is also coming into play, where individuals are not only able to source SSNs, but also activate their phishing campaigns to find out more information about people, steal their identities, provide deepfakes around these individuals, and create documents as well. So as you mentioned earlier, Marc, AI is clearly a double-edged sword in fraud, empowering both the attackers and the defenders.

So from your perspective, where does AI show the most promise in detecting insider threats, and where do you see the current limitations or risks, let’s say, in relying too heavily on it as well?

Where AI shows the most promise in detecting insider threats—and where it still falls short

MARC EVANS: I think people should go into the use of AI, but look at it as a tool and not the end-all, be-all—not the thing that’s going to fix everything. It’s still a tool. Just like a computer, like a phone, like these technologies that we use. But it’s an advanced tool. In the same way that you said they can create deepfakes, they can clone voices, they can pretend to be CEOs.

I remember the case where—I think it was in Hong Kong—the guy sent $25 million thinking that he was talking to his CEO. He thought he was talking to his CEO on a Zoom call, or I think Zoom or Teams call.

THOMAS TARANIUK: It was definitely… and there were multiple people on that call as well. It was like his CRO, CMO—there were loads of people and the CEO together. That’s what we’re talking about in terms of hybrid versus in-person work and trying to trust everyday calls. Because I do trust my calls implicitly, which is also a bad sign, right?

Yeah. It’s very hard to authenticate who you are speaking to on the other line.

MARC EVANS: I think leaning into it and using it as a tool—versus thinking it’s going to fix everything—yeah. So I think people should, and businesses should, use it. Because where it’s going to have the most impact is pattern recognition. So when you put it into your system and you want to see if there are multiple transactions happening—maybe they’re all going to the same account, maybe there’s a single person who’s doing multiple transactions that are out of the norm—it can recognize that.

This person only does maybe 5 to 10 transactions per month, but this month there were 25. Okay, why did it increase so much? What are the amounts? The amounts are normally a couple hundred dollars or a couple thousand dollars, but we’re seeing tens of thousands of dollars in transactions now. And the AI systems will be able to set those alerts to allow the person—the actual person—to then begin their investigation and look into it.

THOMAS TARANIUK: I completely agree with that as well. I mean, from the perspective of evolving trends, we’re seeing AI come into force with a plethora of tools for fraudsters to use, and for businesses at the end of the day, to make sure that they can spot and stop insider fraud through pattern recognition, as you mentioned, Marc, and other tactics as well.

But if you got out your crystal ball right now—you might not have one—but if you looked into it and you said, “I’m going to look at the future and see what’s the landscape of digital fraud, and especially fraud—insider frauds—at companies going to be over the next few years,” do you think you’re going to see a rise in complexity in terms of the scale and size of these frauds? Let’s say incursions, new tactics that are coming into play?

And do you have any sort of high-level recommendations for what businesses should do to protect themselves beyond using some AI tools and making sure that people are more tech-savvy and more prepared for, let’s say, circumstances such as these?

What’s insider fraud going to be over the next few years?

MARC EVANS: If I had to go into the future and saw fraud that was happening and said, “This is exactly what I thought it was going to be,” it would be that example where I said I believe there’s going to be more internal fraud when it’s about obtaining information for use.

So I don’t know if you’ve heard the term “fraud-as-a-service” (FaaS). I see that being the future of fraud because now you have true scammers and true fraudsters who will employ people who work within businesses to obtain the information to be used elsewhere.

Suggested read: Fraud-as-a-Service: How $20 Can Cause Millions in Damage

So now, there are layers—these levels between people, walls—where you have one person stealing information, one person selling information, and then someone else using the information.

And that is starting to increase because now it becomes more difficult to investigate and say, “Who’s really the perpetrator? Who’s really the person behind this?” And you may catch the person who’s using it, but now you want to know where they obtained the information. And they’ll say they found it on the dark web, Telegram, WhatsApp—something of that nature.

And then you go, “Okay, well, this person is selling it. But how did they get it?” Oh, they paid someone. You know—“Hey, here’s 100 bucks for every identity that you steal for me from the business.” Or, “Here’s money for every check or account number that you get for me from this business that I can then use or sell to someone else.”

And I see FaaS being the biggest growing factor when it comes to internal fraud. Because the people who would traditionally commit internal fraud, they want something—they want finances, they want a better lifestyle. But if they can get it without being the person who actually goes out and uses the information, they’re still going to do it. So I see fraud as a service growing exponentially, honestly, over the next few years.

THOMAS TARANIUK: It’s a huge industry in itself. If you look at SaaS and these other remits, right, around different industries exploding online—and also democratizing access for everyday people like yourself and myself, Marc, as well—to get access to digital services. What FaaS is doing is providing access—and easier access—to fraud services at a cheaper cost.

Not only from the perspective of AI tools and creating deepfakes—such as OnlyFakes for a document for $10, a deepfake for $5—and being able to go to these digital services and circumvent the moats that they have around them with regard to fraud tools.

But as you’ve mentioned a really interesting point—specifically around the moats that you can create as an insider fraudster between you and the fraud which is actually happening—accessing details that you would on a day-to-day basis, sharing them externally with someone else—that could make your job and everyone else’s around that person very difficult in terms of the audit trail and connecting the dots, right?

Do you think this adds a protective layer to what they’re doing? And also maybe a level of confidence to continue as well?

The hidden moats insider fraudsters build to avoid detection and boost confidence

MARC EVANS: It does—especially with remote work. I’ve seen it in the banking industry, where you may have someone who’s a remote customer service representative, and all they have to do is take their notebook and write down all the information that they come across, and then sell that information to someone else.

So it does create a layer of protection. Because how do you prove that they’re the person who is taking that information? Even if you go back to their phone calls, maybe their phone call is just a normal customer service phone call—it’s not different from anything else. They just happen to copy the information that they would normally receive during that call, and they just sell it.

So it does create that “How do I prove that this person is the one who stole the information?”—especially from a law enforcement perspective. And that makes it very difficult. All of that layering of crime, I should say, makes it more difficult for law enforcement to go after.

THOMAS TARANIUK: And connecting the dots is essential for making sure that people who do commit these types of fraud actually meet justice as well. From the perspective of, let’s say, fraud as a service, when we’re looking at it on a big picture, do you believe that this is something that can be challenged, that can actually be fought against by institutions and businesses looking to protect themselves from insider fraud? Through maybe automating these relationships with customers, with critical PII, and therefore eliminating the human error or the opportunistic value of fraudsters—or everyday people who actually end up becoming fraudsters?

Automating relationships with customers

MARC EVANS: I know some people hate the automation because they want to talk to a real person when they call a business. But some things can definitely be automated to change the amount of information exposure. There can be security measures put in place. I know I’ve seen a lot about two-factor authentication, multifactor authentication—maybe using those types of tools to prove that somebody is who they say they are.

That’s through automation, whether it be going online and you have to give a password, two-factor authentication, or something else. I know for biometrics, anytime I use any of my accounts, it’s biometrics. Honestly, I don’t even know most of my passwords because I use biometrics and a password manager—well, I know my master password.

THOMAS TARANIUK: It might be safer than passwords as well.

MARC EVANS: Yes. Biometrics by far, I believe, are safer than having just a typical password. But I think using those in part with automation and using AI to help with that—things are getting better and better. I saw a study that said it doubles in power or capability every six months. And if that’s the case, AI is getting a lot better with facial recognition, pattern recognition, and speech-to-text—actually being able to be conversational and answer common questions that customers have.

You can use those to answer the simple questions. Maybe something that’s a little more complex, they can talk to a physical person. But there are definitely some of these smaller factors that can be automated. AI can be used to streamline services for people and make it easier and safer.

THOMAS TARANIUK: I think especially with generative AI, when you can have agents as compliance officers or audit officers within companies, they can consolidate a lot of work as well. And Marc, thank you so much for this conversation. But before we end, I would love to touch on a few more things—specifically getting to know you a little bit better on a personal level.

Quick-fire round

So we do this every episode, and we start it off with five quick questions, which we call the quick-fire questions. Are you ready to go through them?

MARC EVANS: All right, let’s go. Let’s see what you got.

THOMAS TARANIUK: Absolutely. So when choosing a digital wallet, do you go for more features or do you go for better security?

MARC EVANS: Better security.

THOMAS TARANIUK: It’s a good answer. I do the same. What’s one thing about fraud that still surprises you, even after all of your experience?

MARC EVANS: From my experience—the lack of attention that it gets. And this is just me speaking as law enforcement versus other crimes. I think because it’s seen as—what they call “paper capers”—it’s not seen as maybe a violent crime and it’s not seen as detrimental as some other crimes. So that still surprises me—that people don’t understand the impact fraud has on the individual or business.

THOMAS TARANIUK: Well, this is what we love exploring on this podcast, especially because fraud is not a victimless crime, as we always like to share. It impacts so many people, so many families, and on levels that we like to look into just to educate everyone as well.

Next question—we answered this earlier in our conversation—but have you ever been a victim of fraud yourself? Do you have any other cases? I mean, was that a one-off, or did you see this again?

MARC EVANS: First, I’ll say anyone can be a victim of fraud. I don’t care who you are. I don’t care if you think you’re the utmost expert in the world—everyone has the capability to be a victim. So, I’ll talk about the one where I had my identity stolen. But, I mean, I’ve had my credit card stolen before, which is why I use a digital wallet more than anything nowadays. But this one was stolen from a pay-for-parking data breach that happened. I don’t know if you’ve ever been to California, but it is pay-for-parking everywhere, and you have to use their system. They have the QR codes, or you go to their website.

I don’t prefer to use QR codes because I’ve seen where stickers are placed and it goes to the wrong website. But in this instance, I went to the website, paid for the parking, and a year later my credit card was being used in another state. I went to look up if there were any data breaches my information might’ve been in, and it turned out that parking company had a data breach. And I go, “Well, that’s how my information got out there.” So even though I did everything I could to try to prevent being a victim, I couldn’t prevent them from having a data breach.

THOMAS TARANIUK: Well, hopefully you managed to recoup some of those funds. It sounds like a bit of a headache.

MARC EVANS: I did. I actually scared the bank employee because of my questions—because of what I do for a living. I’m a detective in fraud. I was asking a bunch of questions that they weren’t used to receiving from a normal customer. So I had to explain what I do for a living, and they felt a little more at ease after that.

THOMAS TARANIUK: You walked them through what could have happened rather than them doing that for you, right?

MARC EVANS: Yes. I was like, “Here’s what you need to do. Check this and check this.” And they asked, “How do you know that?”

THOMAS TARANIUK: Excellent. And we have one final question. If you could have any other career than the one that you’re in right now, what would it be? And I say that knowing that probably this is the career you’ve always loved.

MARC EVANS: If I could choose any other career, I would love to be a professional athlete. That was my goal growing up—to be a professional athlete. I definitely am not doing that now. Age has gotten to me. But I love archery, so if I could compete or even train as a professional—whether teaching archery or competing in archery competitions—I would definitely do that.

THOMAS TARANIUK: Oh, that’s awesome. I haven’t done archery—actually, I did it recently, just under a year ago, actually. Well, Marc, it’s been an absolute pleasure having you on the “What The Fraud?” podcast. Honestly, I really enjoyed getting to know you and hearing your expertise. I think we’ve got a massive road ahead in terms of both spotting, stopping, and also educating the public around insider frauds. And thank you for educating both myself and our audience.

MARC EVANS: Thank you. I really appreciate being here. And if you ever need me to come back to talk about another type of scam, I’m game.

THOMAS TARANIUK: Thank you for joining us today on this episode of What the Fraud?. On the next episode, we’re diving into the dark world of pig butchering scams. Our guest is a leading figure in the global fight against this fast-evolving fraud, known for bringing down criminal rings and recovering millions for victims. So tune in as we unpack how these emotionally manipulative crypto scams work—and what’s being done to stop them.