Since 1996, the Legal Services Corporation's (LSC) annual appropriations acts have required that each person or entity receiving financial assistance from the Corporation be subject to an annual audit, conducted by an Independent Public Accountant (IPA). Each grantee contracts directly with an IPA to conduct the required audit in accordance with Generally Accepted Government Auditing Standards (GAGAS), American Institute of Certified Public Accountants (AICPA) standards, Uniform Administrative Requirements, Cost Principles, and Audit Requirements for Federal Awards (Uniform Guidance), and the…
The OIG recognizes that many grantees implement strong internal controls in your programs. This Fraud Alert is being issued to grantees to inform you of fraud indicators uncovered by OIG investigations since 2018 and to highlight the importance of grantee employees alerting the OIG to potential indicators of fraud, waste, and abuse of program funds. In doing so, the OIG intends to help prevent your program from being a victim of fraud.
The OIG has recorded a Cybercrimes Fraud Awareness presentation to inform grantees of the types of cyber-attacks that have targeted LSC grantees since 2018. The presentation provides grantees with best practices for preventing and detecting similar cyber-attacks and suggestions for responding to the cyber-attacks if they do impact your program.
IntroductionThe LSC-OIG has seen an increase in cyber threats targeting LSC grantee programs since the beginning of the COVID-19 pandemic. As a result, the OIG has produced several resources to inform grantees of the pending threats which aim to assist grantees in preventing, detecting, and reporting the cyber threats.Please find links to the cyber threat resources below:LSC-OIG Cyber Security PresentationsCyber Fraud Risk Briefing — Business Email Compromise: Download Business Email Compromise Presentation slides Video — Stay Safe: Protect Your IT…
The OIG has been investigating check fraud scams affecting grantees for nearly a decade. However, of late, these scams have been occurring more frequently and have become more sophisticated.
The LSC OIG is issuing this advisory to remind grantees of the threat posed by phishing schemes and ransomware attacks, and to alert you to recent schemes targeting LSC grantees. One recent phishing scheme involved an email that was sent to a grantee employee containing a link embedded with malware. The phished employee clicked the link, which allowed the perpetrator to gain access to the system and encrypt all the program's data.
The Office of Inspector General (OIG) for the Legal Services Corporation (LSC) is informing you of a recent scam, attempting to obtain $3500 from a grantee client as a "retainer fee."The client received a letter in the mail, purportedly from the grantee. The letter contained the grantee's logo at the top and instructed the client to remit payment to the grantee at a P.O. Box that is not affiliated with the organization. The client's name, address, and case number were included within the letter. The grantee believes the client information was gained through media exposure for the case, as…
On March 11, 2021, Legal Services Corporation (LSC) issued Program Letter 2021-02, LSC Excess Fund Balance Waiver Blanket Approval – FYE 12/31/2020 and 1/31/2021. The Program Letter recognizes that many LSC recipients may have excess fund balances due to receiving additional COVID-19 related funds from LSC and other sources.
Ransomware attacks are on the rise for all types of industries. Common causes of ransomware attacks include spam or phishing emails, employees being deceived, weak passwords and related access management issues, and employees accessing malicious websites.
The Office of Inspector General (OIG) has confirmed that the Legal Services Corporation (LSC) and at least two LSC grantees have recently been the target of business email compromise (BEC) scams. These scams resulted in the successful diversion of grant funds and gift cards to cyber-criminals. This threat is ongoing, and we have reason to believe that the cyber-criminals may be targeting additional LSC grantees. We therefore strongly encourage you to take immediate preventative steps, described in more detail below. The preventive steps include training your employees on BEC schemes and…