The LSC OIG is issuing this advisory to remind grantees of the threat posed by phishing schemes and ransomware attacks, and to alert you to recent schemes targeting LSC grantees. One recent phishing scheme involved an email that was sent to a grantee employee containing a link embedded with malware. The phished employee clicked the link, which allowed the perpetrator to gain access to the system and encrypt all the program's data.
The Office of Inspector General (OIG) for the Legal Services Corporation (LSC) is informing you of a recent scam, attempting to obtain $3500 from a grantee client as a "retainer fee."The client received a letter in the mail, purportedly from the grantee. The letter contained the grantee's logo at the top and instructed the client to remit payment to the grantee at a P.O. Box that is not affiliated with the organization. The client's name, address, and case number were included within the letter. The grantee believes the client information was gained through media exposure for the case, as…
On March 11, 2021, Legal Services Corporation (LSC) issued Program Letter 2021-02, LSC Excess Fund Balance Waiver Blanket Approval – FYE 12/31/2020 and 1/31/2021. The Program Letter recognizes that many LSC recipients may have excess fund balances due to receiving additional COVID-19 related funds from LSC and other sources.
Ransomware attacks are on the rise for all types of industries. Common causes of ransomware attacks include spam or phishing emails, employees being deceived, weak passwords and related access management issues, and employees accessing malicious websites.
The Office of Inspector General (OIG) has confirmed that the Legal Services Corporation (LSC) and at least two LSC grantees have recently been the target of business email compromise (BEC) scams. These scams resulted in the successful diversion of grant funds and gift cards to cyber-criminals. This threat is ongoing, and we have reason to believe that the cyber-criminals may be targeting additional LSC grantees. We therefore strongly encourage you to take immediate preventative steps, described in more detail below. The preventive steps include training your employees on BEC schemes and…
The OIG believes that the LSC community is at risk of being targeted by BEC schemes. We ask grantees to make their employees aware of the known threat and provide them with the resources included in this advisory.
The information presented is a summary of the results of QCRs of Fiscal Year 2018 and Fiscal Year 2019 financial statement audits conducted by IPAs. We encourage IPAs and Executive Directors to use the summary information in planning and conducting audits of LSC grantees.
The OIG Hotline has recently received several reports of ransomware attacks directed at grantee IT networks. The perpetrators of these attacks exploited weaknesses in grantees' IT infrastructure to disrupt grantee access to data, financial records, and sensitive client information, or to disable servers and back-up servers, pending payment of a ransom.
This recorded Fraud Awareness Briefing provides useful information to assist in preventing common fraud schemes found in grantee programs. The briefing aims to foster a dialogue with staff and to engender suggestions for ways to help protect your program from fraud in order to maintain the positive reputation your program has deservedly earned.Fraud Awareness Briefings (FAB) are presented by LSC OIG investigative staff and cover topics such as: who commits fraud; what conditions create an environment conducive to fraud; how can fraud be prevented or detected; and what to do if fraud is…
This Fraud Alert provides information obtained through OIG investigations involving payroll fraud, which generally occurs when employees wrongfully manipulate a payroll system to receive payments they have not earned.