Announcements Archive

On November 8, 2021, as a result of a joint investigation by the U.S. Secret Service, and the Office of Inspector General (OIG), Legal Services Corporation (LSC), a former Information Technology (IT) Manager for an LSC grantee entered into a Pretrial Diversion Agreement (PDA) with the U.S. Attorney’s Office (USAO).

On December 6, 2021, in Superior Court, Orange County, CA, Luna and Cancino pled guilty to multiple counts of Grand Theft, one count of Theft of Personal Property, and one count of Unauthorized Practice of Law. Sentencing for Luna and Cancino is scheduled for June 6, 2022

The OIG recognizes that many grantees implement strong internal controls in your programs. This Fraud Alert is being issued to grantees to inform you of fraud indicators uncovered by OIG investigations since 2018 and to highlight the importance of grantee employees alerting the OIG to potential indicators of fraud, waste, and abuse of program funds. In doing so, the OIG intends to help prevent your program from being a victim of fraud.

The OIG has recorded a Cybercrimes Fraud Awareness presentation to inform grantees of the types of cyber-attacks that have targeted LSC grantees since 2018. The presentation provides grantees with best practices for preventing and detecting similar cyber-attacks and suggestions for responding to the cyber-attacks if they do impact your program.

The OIG has been investigating check fraud scams affecting grantees for nearly a decade. However, of late, these scams have been occurring more frequently and have become more sophisticated.

The LSC-OIG has seen an increase in cyber threats targeting LSC grantee programs since the beginning of the COVID-19 pandemic. As a result, the OIG has produced several resources to inform grantees of the pending threats which aim to assist grantees in preventing, detecting, and reporting the cyber threats.

The LSC OIG is issuing this advisory to remind grantees of the threat posed by phishing schemes and ransomware attacks, and to alert you to recent schemes targeting LSC grantees. One recent phishing scheme involved an email that was sent to a grantee employee containing a link embedded with malware. The phished employee clicked the link, which allowed the perpetrator to gain access to the system and encrypt all the program's data.

Ransomware attacks are on the rise for all types of industries. Common causes of ransomware attacks include spam or phishing emails, employees being deceived, weak passwords and related access management issues, and employees accessing malicious websites. 

The Office of Inspector General (OIG) for the Legal Services Corporation (LSC) is informing you of a recent scam, attempting to obtain $3500 from a grantee client as a “retainer fee.”

The client received a letter in the mail, purportedly from the grantee. The letter contained the grantee’s logo at the top and instructed the client to remit payment to the grantee at a P.O. Box that is not affiliated with the organization. The client’s name, address, and case number were included within the letter. The grantee believes the client information was gained through media exposure for the case, as well as through information that is publicly available.

The Office of Inspector General (OIG) has confirmed that the Legal Services Corporation (LSC) and at least two LSC grantees have recently been the target of business email compromise (BEC) scams. These scams resulted in the successful diversion of grant funds and gift cards to cyber-criminals. This threat is ongoing, and we have reason to believe that the cyber-criminals may be targeting additional LSC grantees. We therefore strongly encourage you to take immediate preventative steps, described in more detail below. The preventive steps include training your employees on BEC schemes and enhancing your internal controls and data security. Please share this fraud advisory with all employees to prevent the success of future scams in our community.