Fraud

Your Airline Miles Are Worth $74 Billion and Hackers Know It

Earmark Team · November 17, 2025 ·

Ever check your airline miles balance and think, “I should probably use those someday”? Well, fraudsters aren’t waiting. While you casually ignore those reward points, criminals are actively hunting for these digital treasures that have somehow become worth more than the companies that create them.

In this episode of Oh My Fraud, host Caleb Newquist explores the surprisingly vulnerable world of loyalty and rewards programs, revealing how the points flooding your inbox have become prime targets for fraud schemes that affect everyone from frequent fliers to wholesale club members.

The Accidental Billion-Dollar Asset Class

When United Airlines started tracking customers in the 1950s, it gave out plaques and promotional materials—basically corporate swag. Fast-forward to today, and rewards programs look entirely different. American Airlines generated $6.5 billion from its AAdvantage program in 2023 alone—not from selling tickets, but from selling miles.

The economics are almost absurd. As Newquist points out in the episode, airlines create miles for about half a cent each. They’re database entries. Then they turn around and sell these digital tokens to credit card partners for two to three cents per mile. That’s a 400% to 600% markup on something that costs virtually nothing.

“The hilarious thing is that these aren’t tangible,” Newquist observes. “They’re just made up. They’re just digital assets created out of thin air.”

The combined loyalty programs of United, American, and Delta are worth $73.8 billion. Think about that: these made-up points are sometimes worth more than the airlines themselves. And McKinsey estimates 30 trillion unredeemed miles sit in passenger accounts globally. That’s enough for every airline passenger on Earth to take a free one-way flight.

But here’s where things get dicey. Despite sitting on this massive pile of value, major airlines, including Southwest, American, Frontier, and Alaska, don’t offer two-factor authentication for account access. These companies spend millions on aircraft safety but can’t implement basic security that’s been standard in banking for over a decade.

When Your Miles Take an Unexpected Trip

The human cost of this security gap becomes painfully clear through recent victims’ stories. In July 2024, multiple Alaska Airlines customers woke up to drained accounts. One victim lost 150,000 miles, worth about $1,900. Another reported on Reddit that hackers stole over 200,000 miles. The points were being used to book luxury hotels in Abu Dhabi.

Gabrielle Bernardini, a writer for The Points Guy, discovered her Southwest account had been hacked when she received an email confirming a Hampton Inn reservation in Kalamazoo, Michigan—a booking she never made. The fraudster burned through 17,100 points, worth about $240.

Through persistence, Bernardini got her points back. But Southwest made it clear they were only doing it as a “gesture of goodwill” and a “one-time exception.” Their actual policy? “Southwest is not responsible for unauthorized access to a member’s account and will not replace stolen points.” Newquist confirmed that’s still the policy today.

Clint Henderson’s American Airlines nightmare went even further. Fraudsters drained hundreds of thousands of his AAdvantage miles for car rentals. Recovery meant jumping through incredible hoops. American required a new email address for his new account and demanded a PDF or screenshot of his police report. When Henderson went to file the police report, the NYPD’s online system was down. He had to visit a precinct physically, then was told that he couldn’t have a copy of his report until a detective intervened the next day.

Even with proof of fraud, the car rental company that accepted the stolen points simply refused to refund them. Henderson eventually got his miles back from American, but the whole ordeal revealed just how messy these situations can become.

From Sam’s Club to the Gas Pump

The problem isn’t limited to airlines. In May 2024, Sacramento County authorities arrested 38-year-old Inam Rasool after discovering he’d been systematically draining other customers’ Sam’s Club accounts. What started as an attempt to leave with $1,000 in unpaid merchandise turned into something bigger.

Store personnel began monitoring his return visits and uncovered a sophisticated operation. Rasool used stolen Sam’s Cash rewards to buy merchandise, resell it online. When police searched his home, they found over $25,000 worth of electronics, medications, pet food, hygiene products, supplements, and snacks. They also found shipping supplies, a computer, and a label printer for his online sales operation.

Meanwhile, in Peters Township, Pennsylvania, 18-year-old Paul Kostanich was hitting Giant Eagle fuel perks accounts. Video showed him visiting gas stations almost daily, holding his phone to barcode scanners to activate stolen points from different accounts. He admitted to hacking about 20 accounts and faced 58 charges, including identity theft.

One victim’s reaction captured the general disbelief, “I could never imagine someone hacking a Giant Eagle Perks card. I mean, really?”

Why This Keeps Happening

The problem is, rewards programs were never designed as financial assets—they’re marketing tools that accidentally became valuable. As Newquist explains, “They’re just a marketing gimmick developed by corporations that they hope will get us to spend more money with them. And it just so happens that they’re very, very good at doing that.”

From a corporate perspective, the math works out. If rewards fraud costs the industry $1 to $3 billion annually, but these programs generate over $70 billion for just the top airlines, that’s less than 5% lost to fraud. For many companies, it’s just a cost of doing business, especially when they can push losses onto consumers through terms of service that disclaim responsibility.

This creates what Newquist calls a perfect storm for fraudsters. You’ve got valuable assets with minimal protection, companies that won’t pursue prosecution, and victims left holding an empty bag while corporations point to fine print.

Protecting Your Points (Since No One Else Will)

So what can you do? Newquist offers practical advice with characteristic honesty.

First, change your passwords for rewards accounts. “I know you’d have to be a cerebral freak to generate a different password for virtually every account.” But at least make them different from your banking passwords.

Second, use two-factor authentication wherever it’s available. “Is it tedious? Yes. Does it save your bacon 99.9% of the time? Also, yes.”

Third, consider a password manager. Yes, the big ones have been hacked, but the benefits of managing unique passwords outweigh the risks.

Finally, actually check your accounts occasionally. Don’t be obsessive, but treat them with the same attention you’d give a bank balance.

The Bottom Line

Those rewards points you’ve accumulated aren’t just marketing fluff; they’re real value with real vulnerabilities. Companies have created a $74 billion economy from thin air, then washed their hands of responsibility when that value gets stolen.

For accounting professionals, this is a masterclass in risk transfer. For everyone else, it’s a wake-up call. In a world where teenagers systematically drain fuel perks and hackers book Abu Dhabi hotels with your miles, ignorance is an invitation.
Listen to the full episode above for Newquist’s complete investigation, including more cases and why he thinks these programs are essentially “legal money laundering” schemes. And maybe check your rewards balances while you’re at it. Just in case someone in Abu Dhabi isn’t already enjoying them.

From Vanishing Jobs to Work Slop: Inside Accounting’s AI Reality Check

Blake Oliver · November 17, 2025 ·

The accounting profession faces a stark reality-check as entry-level auditor positions have declined by 43% since January, and a third of accountants admit they cannot identify AI-generated fake receipts.

In episode 455 of The Accounting Podcast, hosts Blake Oliver and David Leary address the growing evidence that AI is disrupting accounting more rapidly than most firms can keep up with. From vanishing entry-level jobs to the rise of “work slop” (low-quality AI output that wastes time and money), the profession is struggling with changes that are both promising and perilous.

The Tech Stack Problem Nobody Wants to Talk About

Before diving into AI’s disruption, Oliver shared a surprising statistic: only 37% of accounting firms require their clients to use their technology stack. That means 63% let clients choose their own tools, creating a mess of incompatible systems and inefficient workflows.

“It’s one of the things we did in my firm that was a differentiator and allowed us to scale quickly,” Oliver explained. “It reduced training time. It increased the speed at which we worked.”

The reluctance to standardize reveals a deeper problem in the profession: firms are so afraid of losing clients that they sacrifice efficiency and scalability. Yet Oliver found the opposite: “The ones that were willing to make that shift ended up listening to us about other things, too. So you might want to consider requiring clients to switch as, like a testing mechanism to see if they’re actually going to be a good fit.”

This standardization challenge becomes even more critical as firms try to implement AI. Without consistent data inputs and workflows, automation becomes nearly impossible.

The Vanishing Entry Level: A 43% Wake-Up Call

The most alarming news Oliver shared was the 43% drop in entry-level auditor job postings since January, based on a study of 126 million job postings. Meanwhile, senior positions requiring ten or more years of experience increased by 6%.

“These firms are extremely shortsighted,” Oliver argued. “They are just trying to juice profits and revenue in the short term. And the easiest way to do that is to replace your entry-level people with AI.”

The vulnerability of these positions is clear. As Oliver explained, “The stuff an entry level auditor does is so basic, like cash confirmations. You can have an AI agent doing cash confirmations all day long. It’s not complicated.”

The fear extends beyond auditing. Nearly half (45%) of accounts payable professionals now fear layoffs in 2025, up from 27% last year. These workers see AI agents matching invoices, approving bills, and processing expense reports—tasks that once required human oversight.

Leary raised an important question: Are firms actually succeeding with AI, or are they cutting staff first and hoping to automate later? In Oliver’s view, the automation is working well enough to justify the cuts. But this creates a long-term problem. Without entry-level positions to train tomorrow’s senior accountants, where will future leaders come from?

Work Slop: The $200 Hidden Cost of Bad AI

A new Harvard Business Review study coined a term for low-quality AI output: “work slop.” And work slop is expensive. Each incident wastes nearly two hours and costs about $186 per worker per month.

Forty percent of workers report receiving work slop in the past month. More than half feel annoyed when they get it, and 42% view the senders as less trustworthy.

“Every time one coworker gives another coworker slop, it costs your company 200 bucks,” Leary emphasized. But, “Employees who turn out work slop probably already did work slop before. They just did it at a much slower volume.”

The hosts shared their own experiences with work slop. Job applicants submit unedited ChatGPT responses. Guest pitches reference the wrong podcast. Some candidates even feed interview questions into AI during live video calls.

“It looks good,” Oliver said about typical work slop. “Like if you look at the email, it’s nicely formatted and it looks good and then you actually read it and you realize that it’s garbage.”

The paradox is striking: 97% of firms admit they’re not using technology efficiently, yet 86% believe AI-using firms have a competitive advantage. The gap between aspiration and execution means firms produce more low-quality work faster rather than better work more efficiently.

The Fraud Detection Crisis

Perhaps most concerning is accountants’ declining ability to spot fraud. Thirty-two percent admit they can’t recognize AI-generated fake receipts. Another 30% are seeing more fraudulent receipts than last year, and 42% suspect colleagues have submitted fake or altered receipts.

“If you want to see just how difficult it is or how easy it is to make one, just go and ask ChatGPT to make you a receipt,” Oliver challenged listeners.

Leary noted that expense fraud isn’t new. After all, people used to pick a receipt up off the ground at McDonald’s. But AI changed the game. Now anyone can generate perfect forgeries on demand.

Oliver explained that current AI models don’t understand physics, so shadows and lighting in fake images often don’t match reality. But detecting these requires expertise most accountants don’t have.

“When nothing is physical anymore, how do you, as an auditor or an accountant, rely on a scanned document?” Oliver asked, highlighting a fundamental challenge for the profession.

Solutions Emerging from the Chaos

Despite the challenges, practical solutions are emerging. Zapier announced a “human in the loop” feature that pauses automated workflows for human review at critical points. “Don’t try to automate the whole workflow,” Oliver advised. “Try to automate one task in the workflow.”

Keeper launched a new AI product that converts payroll reports and settlement statements into journal entries—a task that previously required complex spreadsheets and manual work. At $50 per client per month, it represents the kind of targeted automation that actually works.

Even Drake Software, long criticized for being behind the times, launched cloud-based tax software. While limited to certain forms, it signals that even legacy providers recognize the need to modernize.

These tools show that successful AI implementation isn’t replacing humans entirely. Instead, it augments specific tasks while maintaining human oversight for quality and judgment.

Looking Ahead: A Profession at a Crossroads

The accounting profession faces interconnected challenges that require more than technological solutions. The 43% drop in entry-level positions poses a threat to the talent pipeline. Work slop erodes trust and efficiency. Fraud detection capabilities are falling behind those of fraudsters.

Yet there are opportunities within these challenges. Firms that thoughtfully integrate AI, maintain human oversight, and invest in training the next generation will have an advantage over those who chase short-term profits by cutting entry-level positions and blindly implementing AI.

As Oliver noted about his own firm’s success, standardizing technology, requiring client buy-in, and focusing on quality over quantity created real competitive advantages. The same principles apply to AI adoption. Success requires strategy, not just software.

To hear Oliver and Leary’s complete analysis of these shifts in accounting, including their discussion of H-1B visa changes, Trump’s latest tariff threats, and more practical insights for navigating AI’s impact, listen to the full episode of The Accounting Podcast. Their unfiltered weekly discussions provide essential perspective for anyone trying to understand where the profession is heading and how to thrive despite the uncertainty.

When Trust Turns Toxic: Inside the World of Pink Collar Crime

Earmark Team · February 2, 2025 ·

Could your most trusted employee be secretly siphoning company funds?

In a recent episode of the Oh My Fraud podcast, fraud investigator Kelly Paxton shares how seemingly reliable staff—often overlooked for potential misconduct—can exploit organizational blind spots.

According to the Bureau of Labor Statistics, nearly 90% of bookkeepers in the United States are women. While many people assume women are less likely to commit fraud, Paxton warns that it’s not gender but position and access that matter most. By trusting certain employees implicitly and failing to establish strong controls, businesses inadvertently cause serious financial losses.

As Paxton’s cases illustrate, ignoring stereotypes and adopting “trust but verify” strategies are crucial steps toward preventing fraud.

Kelly Paxton’s Path to Fraud Investigation

Kelly Paxton did not start out in law enforcement. She began her career in financial services as a commodities and bond trader. One day, a U.S. Customs agent called her brokerage firm asking about a suspicious client. Kelly alerted the agents, which led to a deeper conversation—and ultimately, a job offer. She joined U.S. Customs and conducted investigations into money laundering, narcotics, and other major crimes before moving into background checks for federal agencies.

Her investigative focus shifted when she joined a local sheriff’s office and noticed that nearly all the embezzlement suspects she encountered were women. Wanting to understand why, she discovered criminologist Kathleen Daly’s 1989 work referencing “pink collar crime,” a term describing embezzlement often perpetrated by those in bookkeeping or finance positions. Paxton’s takeaway: Access plus trust is the real key—90% of bookkeepers may be women, but it’s the opportunity that matters most.

Understanding Pink Collar Crime

Pink collar crime typically involves smaller amounts stolen over extended periods—fraudsters who make subtle “lifestyle” upgrades rather than lavish purchases. This can happen when the organization deeply trusts an employee. In many cases, they’re seen as family, invited into the home, and never suspected of wrongdoing. Victims are often embarrassed when they discover the truth and hesitate to report it—what Paxton calls “no victim shaming”: the more we shame victims, the less they come forward.

Key characteristics include:

Position-based access: Bookkeepers and finance staff control incoming or outgoing funds.
Incremental theft: A pattern of small transactions that grow larger over time.
Rationalization: Fraudsters may plan to “pay it back” but rarely do.
Deep trust: Employers assume loyal staff, especially women, “would never steal.”

When Pink Collar Crime Turns Deadly: “Red Collar” Cases

Most pink-collar crimes involve embezzlement without violence. However, some cases escalate to “red collar crime,” where financial fraud intersects with homicide. As Paxton explains, desperate fraudsters may resort to extreme measures when they fear exposure.

The Lori Isenberg Case

One chilling example is Lori Isenberg, a nonprofit executive director in Coeur d’Alene, Idaho. Her organization provided housing for low-income individuals—hardly the type of place where you’d suspect significant embezzlement. Yet over three years, Lori allegedly stole between $500,000 and $2.5 million by creating fake accounts, forging checks, and misusing her daughters’ and husband’s names.

When investigations closed in on her scheme, Lori took drastic action. In February 2018, on the same day local news broke a story about her suspected fraud, she took her husband out on a boat trip in the freezing Idaho winter. He mysteriously fell overboard and drowned. An autopsy revealed a lethal dose of Benadryl in his system. Lori claimed it was a suicide attempt gone wrong—an explanation contradicted by digital evidence showing she researched how to drug someone with Benadryl.

After disappearing for four months, Lori was eventually caught and accepted an Alford plea, which essentially concedes that a jury would likely find her guilty without formally admitting guilt. She received 30 years for second-degree murder, with an additional 5 years for her financial crimes, making it highly unlikely she will ever be released. The Lori Isenberg case underscores how far a fraudster might go to avoid being exposed—a stark reminder that misplaced trust and weak internal controls can have devastating consequences.

The Role of Trust, Bias, and Access

Society is conditioned to trust women—parents instruct children to seek a “nice lady” for help if they’re lost, for instance. This assumption carries over into workplaces, where female employees handling finances often face less scrutiny.

Paxton recalls her own days in U.S. Customs: “You put two women in a Honda Accord, and no one thinks anything is unusual. You put two men in a Ford Focus, and they’re pegged as cops.” Similarly, a “helpful bookkeeper” can escape suspicion for years.

What About Sentencing?

Sentencing for embezzlement and related fraud varies widely:

Federal Cases: They follow sentencing guidelines based on dollar amounts and other factors.
Local Cases: Judges can have broad discretion. Some jurisdictions impose tough sentences, while others might view fraud as a “civil matter,” limiting law enforcement intervention unless there are other serious elements (e.g., homicide).

This inconsistent approach can embolden perpetrators who believe they can dodge severe penalties—until a high-profile case, a dogged investigator, or a high-stakes victim (like a large corporation) brings full prosecution.

Avoiding Blind Spots: Trust but Verify

Rather than assuming anyone is “too nice” or “not smart enough” to steal, Kelly Paxton encourages businesses and nonprofits to focus on position-based controls:

Segregate Duties: Ensure no single person handles every financial task.
Surprise Audits: Don’t just check large transactions; occasionally review smaller ones.
Vendor Verification: Confirm that vendors and accounts are legitimate, especially if newly created.
Encourage Transparency: Cultivate a culture where employees and clients can report suspicious activity without fear.
No Victim Shaming: Publicizing embezzlement—when safe to do so—helps others learn and prevents repeat offenders from quietly moving on to the next company.

Learn More from Kelly Paxton

Kelly Paxton now hosts the Fraudish Podcast (formerly Great Women in Fraud), interviewing fraud investigators, victims, and even fraudsters themselves. She also covers topics like red-collar crime, employee embezzlement, and how biases impact investigations. Her new book, Embezzlement: How to Detect, Prevent, and Investigate Pink Collar Crime, is available on Amazon.

For a deeper look at Lori Isenberg’s story—and other fraud sagas—listen to the full episode of Oh My Fraud. You can also earn CPE credit by downloading the Earmark app and completing a short quiz related to the episode.

Company Culture Is The #1 Defense Against Occupational Fraud

Earmark Team · April 15, 2024 ·

In the cat-and-mouse game of occupational fraud, organizations often focus on implementing the latest anti-fraud controls. But the 2024 report from the Association of Certified Fraud Examiners reveals a surprising truth: the most effective defense against fraud may be hiding in plain sight – your company’s culture.

In Episode 58 of the Oh My Fraud podcast, hosts Greg Kyte and Caleb Newquist dive deep into the report’s findings. With their signature blend of humor and expertise, Greg and Caleb explore the key trends, surprising revelations, and actionable strategies organizations can leverage to fortify their defenses against occupational fraud.

Implementing Internal Controls Is Not Always Possible

While implementing technical anti-fraud controls is crucial, the report emphasizes that fostering a culture of integrity, led by management’s commitment to ethical behavior, is the cornerstone of effective fraud prevention in organizations of all sizes. This is especially important in small organizations.

Greg Kyte points out, “We have very minimal separation of duties at our company because we have four employees, and we’ve got one owner who fulfills an oversight role.”

In smaller businesses with limited staff, implementing a comprehensive system of internal controls can be daunting. The fundamental principle of separation of duties, which involves distributing key responsibilities among multiple individuals to prevent any single person from having excessive control over a process, becomes increasingly difficult to achieve when there are only a handful of employees.

Tips: The Most Common Fraud Detection Method

The ACFE report reveals a striking finding: tips are the most common method of detecting occupational fraud, accounting for 43% of all cases. This is nearly three times the rate of the next most effective methods, internal audits (14%) and management reviews (13%). Surprisingly, external audits and accidental discovery detected only 3% and 5% of frauds, respectively, highlighting employees’ critical role in uncovering wrongdoing.

These statistics underscore the importance of fostering a culture where employees feel empowered and motivated to speak up when they suspect unethical behavior. Organizations can encourage their staff to serve as the first line of defense against fraud by creating a work environment that values transparency, accountability, and open communication.

To maximize the impact of employee tips, organizations should consider implementing a comprehensive whistleblower program that includes:

Clear reporting channels: Provide multiple avenues for employees to report suspected fraud, such as a dedicated hotline, email address, or web-based form.
Anonymity and confidentiality: Ensure that employees can report their concerns without fear of retaliation by allowing anonymous reporting and protecting the confidentiality of whistleblowers.
Training and awareness: Educate employees on the signs of fraud, the importance of reporting suspicious activity, and the procedures for submitting a tip.
Timely investigation and response: Establish a protocol for promptly investigating tips and taking appropriate action when fraud is substantiated.

Profiling The Fraudsters: Challenging Stereotypes

One of the report’s most striking findings is the distribution of fraudsters across different organizational functions. While operations, accounting, and sales employees collectively committed the highest number of frauds, the report reveals that executive-level fraudsters caused the greatest financial damage, with a staggering median loss of nearly $800,000 per incident.

This disparity highlights the unique challenges of high-level fraud, as executives often have greater access to company resources, less oversight, and more sophisticated methods of concealing their activities. Organizations must remain vigilant against fraud at all levels, but the report’s findings underscore the critical importance of effective controls and oversight mechanisms for senior management.

Another surprising revelation is that the vast majority of perpetrators (86%) are first-time offenders with no prior history of fraud convictions. This finding challenges the assumption that fraudsters are career criminals who repeatedly engage in wrongdoing. In reality, many occupational fraudsters are trusted employees who succumb to financial pressures, opportunity, or rationalization – the three elements of the classic “fraud triangle.”

This insight has significant implications for organizations seeking to prevent fraud. Rather than focusing solely on background checks and criminal history, companies must adopt a more holistic approach that addresses the underlying factors that can lead employees to commit fraud.

Recognizing Red Flags: The Human Element of Fraud Detection

The report identifies several key red flags that are most commonly associated with occupational fraud, including:

Living beyond means: Employees who suddenly exhibit a lavish lifestyle that seems inconsistent with their salary may use ill-gotten gains to fund their spending.
Financial difficulties: Individuals facing financial pressures, such as excessive debt or gambling losses, may be more likely to rationalize fraudulent behavior.
Close vendor/customer ties: Unusually close relationships with third parties can indicate conflicts of interest or collusion.
Unwillingness to share duties: Employees resistant to sharing tasks or taking time off may be trying to conceal fraudulent activities.
Irritability, suspiciousness, or defensiveness: Individuals who become unusually irritable or defensive when questioned about their work may be trying to deflect attention from their wrongdoing.

Greg humorously notes, “If I still had a Tinder profile and I tried to describe myself in three words, it would be irritable, suspicious, and defensive.” While Greg’s quip is meant to be lighthearted, it underscores the real challenge of distinguishing between normal human behavior and potential fraud indicators.

Indeed, the report reveals that a surprising 16% of fraudsters exhibit no behavioral red flags, highlighting the limitations of relying solely on observing employee behavior to detect wrongdoing. This finding underscores the importance of implementing a multi-faceted fraud prevention approach that combines human intuition and technical controls.

Fortifying Your Fraud Defenses

The 2024 ACFE Report to the Nations highlights the critical interplay between technical anti-fraud controls and organizational culture in preventing occupational fraud. While proactive measures like tips, internal audits, and data monitoring are effective detection methods, fostering a culture of integrity is the foundation of a comprehensive fraud prevention strategy.

To gain deeper insights into the latest fraud trends, detection methods, and prevention strategies, listen to the Oh My Fraud podcast episode and discover how to strengthen your organization’s resilience against this pervasive threat. By understanding the human element behind fraud and implementing a multi-faceted approach to prevention, you can safeguard your organization’s assets and reputation in the face of an ever-evolving fraud landscape.