Security is the practice of protecting people, information, infrastructure, and assets from harm, loss, or unauthorized access. It includes a wide range of disciplines—such as cybersecurity, physical security, information security, network security, and financial security—all designed to reduce risk and maintain trust, continuity, and resilience.

Organizations rely on security frameworks, monitoring tools, policies, and incident‑response processes to defend against threats like cyberattacks, fraud, theft, natural disasters, and insider misuse.

Bust Out Fraud: When a Legitimate Business Is Turned Into a Weapon

Bust‑out fraud is one of the most damaging forms of business fraud. Unlike schemes that rely on fictitious companies or obviously forged documentation, bust‑out fraud exploits real businesses with real credit histories, turning legitimacy itself into the fraudster’s most powerful tool.

We recently found records involving a bust‑out scheme while performing research in connection with a commercial lending transaction. While the specific circumstances are confidential, the pattern was familiar and increasingly common across industries.

What Is Bust‑Out Fraud?

Bust‑out fraud occurs when an individual or group gains control of an existing business, builds or exploits its creditworthiness, and then rapidly incurs debt with no intent to repay. Once the credit is exhausted, the perpetrators disappear, leaving lenders, vendors, and partners with the losses.

What makes bust‑out fraud especially dangerous is that it often looks like normal business activity, until it’s too late.

How Bust‑Out Fraud Typically Works

A classic bust‑out scheme unfolds in recognizable stages:

  1. Acquisition or Control
    The fraudster purchases a business, installs themselves as an officer, or otherwise gains operational control, sometimes through seemingly legitimate mergers, management changes, or filings.
  2. Quiet Period / Credit Grooming
    For months (or longer), the company operates normally. Bills are paid on time. Credit limits may even be modestly increased. The goal is to reinforce trust.
  3. Rapid Credit Expansion
    Once confidence is established, the business applies for additional loans, vendor credit, leases, or financing, often simultaneously and across jurisdictions.
  4. Cash‑Out Phase
    Assets, inventory, or loan proceeds are diverted. Payments suddenly stop. Executives resign or become unreachable.
  5. Collapse
    The company folds, files for bankruptcy, or simply goes dark, leaving creditors scrambling to unwind what happened.

Real‑World Examples of Bust‑Out Fraud

While every scheme differs in execution, the following examples illustrate common variants.

  • Example 1: The “Too Smooth” Acquisition

A mid‑sized services firm is acquired by a new holding company. The new leadership keeps existing staff and contracts in place, pays vendors promptly, and even invests modestly in marketing. Within a year, the company secures multiple six‑figure credit lines, followed by a sudden wave of equipment purchases and short‑term loans. Three months later, the business defaults across the board and leadership vanishes.

  • Example 2: Vendor Credit Exploitation

A long‑standing distributor with excellent payment history begins placing unusually large orders with multiple suppliers at once, negotiating extended terms. The inventory is resold quickly, often below market, to generate immediate cash. Vendors discover the fraud only after invoices go unpaid and bankruptcy filings appear.

  • Example 3: Identity Leverage Across Borders

A legitimate company with international operations is acquired by new principals. Corporate records are updated in multiple jurisdictions. The firm then secures financing in countries where credit checks rely heavily on corporate registration rather than beneficial ownership. The debt accumulates rapidly and enforcement becomes complicated once the entity dissolves.

Why Bust‑Out Fraud Is Hard to Detect

Bust‑out fraud often evades traditional fraud controls because:

  • The business already exists
  • Credit histories appear legitimate
  • Documentation is often technically correct
  • Early behavior reinforces trust rather than raising alarms

In many cases, the change in intent, not the change in structure, is what transforms a normal business into a fraud vehicle.

Final Thoughts

Bust‑out fraud exploits legitimate businesses and may remain concealed without thorough due diligence. In this instance, background screening identified prior involvement by the loan applicants in a bust‑out scheme, underscoring the value of a risk‑based review in identifying fraud risks before material exposure occurs.

 

Disclaimer: This communication is for general informational purposes only and does not constitute legal advice. The summary provided in this alert does not, and cannot, cover in detail what employers need to know about the amendments to the Philadelphia Fair Chance Law or how to incorporate its requirements into their hiring process. No recipient should act or refrain from acting based on any information provided here without advice from a qualified attorney licensed in the applicable jurisdiction.

The legalities of monitoring employees online

As a general principle, employers are legally permitted to monitor their employees online during business hours. Keeping a close eye on workers can help maintain company confidentiality, limit workers from surfing the web on company time and ensure the prevention of harassment.

But such monitoring does come with caveats, as well as risks.

For example, screening employee email on the employer’s network may be permissible but may require advance notice. In states such as Connecticut and Delaware, laws are in place that require employers to provide prior notice before electronically monitoring employees. A union contract may also place certain limits on monitoring and public-sector employees may have some rights under the Fourth Amendment with regard to unreasonable search and seizure.

Federal law can also come into play. Although the Electronic Communications Privacy Act (ECPA) generally prohibits the monitoring of electronic communications, it contains a “business purpose exception” that permits employers to monitor the electronic communications of workers if the company has a “legitimate business purpose.” The statute also allows monitoring with consent and many companies do this by including such permission as part of the onboarding process for new employees before granting access to the company’s networks or systems.

Another wrinkle: third-party communications. States such as California and Illinois mandate that all parties to a communication provide consent to its interception in transit. For employers, that means providing notice to recipients of employee emails and obtaining their consent before scanning a message from a friend or third party. Many companies post a notice on the company’s website and/or include a statement in employee emails that all messages are subject to monitoring and any response implies consent with the employer’s practices.

Even with all these issues, monitoring emails may be more straightforward than focusing on employee social media accounts. The Stored Communications Act (SCA) addresses the situation of accessing electronic communications stored by a provider (such as Gmail or Microsoft), as distinct from an employer accessing emails on its own system. Under the SCA, employers can be liable for the unauthorized access and disclosure of electronic communications in storage on corporate servers of a provider.

Further, roughly half the states ban employers from either requiring or requesting a worker to verify a personal online account like a Facebook profile, blog or Instagram or to log on to their social media account. While technology is available for employers to get around these laws (using keystroke logging software, for example, or taking screenshots), some of the information being monitored by an employer could itself be protected – such as union organizing activities under the National Labor Relations Act, attorney-client communications or in some states, geolocation data.

Mobile devices add another layer to the analysis. For workers using employer-provided mobile phones or devices, the employer has the right to legally monitor use from contact lists to photos and videos to Internet visits and emails. As for bring-your-own-device (BYOD) situations, the terms are generally dictated by the employer’s BYOD policy, but this is an emerging area of law and therefore murky.

All of these legal considerations are centered in the United States. Companies that operate outside the U.S. borders will have international law to contend with as well, notably the European Union General Data Protection Regulation (GDPR) and regulations found in its member states. As a general matter, EU law and the GDPR offer employees a greater level of privacy than that found in the United States. Last year, the EU’s highest court did rule that companies can monitor employee email – if workers are notified in advance.

Perhaps most importantly, employers should recognize that like all things related to technology, the legalities of monitoring employees online are constantly evolving. Being able to adapt to changing laws, regulation and technology will keep employers on their toes.

Business identity theft is alive and well

And it can happen to your business.

Criminals do not discriminate – businesses and organizations of any type, size or legal structure, including sole proprietorships, partnerships, LLCs, trusts, non-profits, municipalities and county governments, school districts and corporations, are all targets for business identity theft.

What exactly is business identity theft? First, let’s clarify that we are not talking about an information security breach or an incident involving the loss or theft of confidential consumer information. Rather, business identity theft discussed here involves the actual impersonation of the business itself.

It happens when criminals pose as owners, officers or employees of a business in order to get their hands on cash, credit or loans, leaving the business on the hook to deal with the debt. A favorite tactic of identity thieves involves the theft of the tax identification number (TIN) or employer identification number (EIN) of the company or the owners’ personal information to use that data to open new lines of credit or obtain a business loan based on the company’s identity.

Another common form of business identity theft occurs when criminals file fake documents with the Secretary of State’s office to change company information such as its registered address or the names of directors, officers or managers. Once the records have been changed, the identity thieves can establish lines of credit or new accounts with the false information.

Other examples of the fraudulent use of a company’s information include current or former employees making use of their access to financial documentation; establishing a temporary office space or merchant accounts in a company’s name; going through a business’s trash and recycling bins to find account numbers or other sensitive data; using phishing attacks or other scams to get the business’s banking or credit information from employees; and filing for tax credits with stolen EINs.

Businesses are an attractive target for identity thieves. Generally speaking, a company will have higher credit limits than an individual, so opening a new account or line of credit in a business’s name will yield more cash for a criminal and larger purchases will receive less scrutiny. Perhaps most frustrating, companies are required by law to report certain identifiers (an address, EIN/TIN, and names of directors in most states), meaning the information is publicly available and easily accessible to anyone.

The invoicing and payment terms typically available to businesses can also work against them. Identity thieves may have a window of up to 30 days after a purchase to disappear before a company detects a problem – and even longer if the thieves use a different address.

Unfortunately, business identity theft is an underreported crime for a variety of reasons. Companies often have no idea their identity has been compromised until they begin receiving unfamiliar bills and collection notices when it is already too late to stop the thieves. Government agencies receive frequent requests for changes to company information and an address change is unlikely to raise red flags. Some businesses aren’t paying close enough attention or fail to caution employees about the possibility of phishing scams, while others may be embarrassed or concerned about their reputation with customers and don’t want to report what happened.

Given the underreporting problem, statistics on business identity theft can be hard to come by. However, the Internal Revenue Service (IRS) said it has seen the number of corporate tax returns flagged for potential business identity theft increase exponentially in recent years, from 350 in 2015 to 4,000 in 2016 with a jump to 10,000 in only the first six months of 2017. The cost of the damage has also risen dramatically, from $122 million in 2015 to $268 million the following year and $137 million for just the first half of 2017.

Importantly, these numbers reflect just one of the many forms of business identity scams.


April 12th, 2018 | Categories: Commercial Transactions Due Diligence

FINRA issues investor alert about calls from brokerage firm imposters

The Financial Industry Regulatory Authority (“FINRA”) issued a new alert on August 6, 2013, titled “Cold Calls from Brokerage Firm Imposters—Beware of Old-Fashioned Phishing,” to warn investors of calls from scammers claiming to be representatives of at least one well-known brokerage firm. In this latest twist on phishing scams, the fraudsters are cold-calling investors claiming to offer information about certificates of deposit with yields well above the best rates in the market in an attempt to get potential victims to divulge their personal or financial account information.

FINRA is reminding investors who receive unsolicited calls to never provide personal information or authorize any transfer of funds to any unknown person, and encourages anyone who believes that he/she has been scammed to file a complaint using its online Complaint Center or send a tip to FINRA’s Office of the Whistleblower.

Scraped information for sale to employers

Employers legally can’t discriminate based on gender, race and other factors which they may get from social-media profiles, but some indeed are using such data in their employment decisions. Media sources reported that scraping for employment purposes is growing, and that an employment screening company in Florida began offering limited social-networking data, including some that is scraped, about a year ago. Scrapers operate in a legal gray area. Internationally, anti-scraping laws vary, and in the U.S., court rulings have been contradictory. Media reports quoted Eric Goldman, a law professor at Santa Clara University, as saying: “Scraping is ubiquitous, but questionable. Everyone does it, but it’s not totally clear that anyone is allowed to do it without permission.”
