Well, one of the main topics about the CEO frauds, one of the most common things is that, normally, these kind of frauds are targeting big companies and the criminals in the hands is fraud schemers. They are not interested in small frauds like €1,000, € 3,000. They are normally trying to target big companies because they are not interested in getting less than a million. So normally, these kind of frauds are just trying to strike five million or even 10 million from the companies. So that's one of the reasons why they are trying to target these kind of companies. It's not so easy to draw a general schema of this kind of frauds because they can be so different as the brain of the criminals can make up. But normally, they try to focus in two different ways of activity fraud. One of them is trying to take the leverage of the human factor. So they are trying to cheat the people and try to make advantage of the problems or the not so perfect rules and protocols that normally we have in the companies. The other way is trying to attain the system. So they try to compromise the e-mail servers, and they try to impersonate the financial directors, or trying to just create some money related schema in which they can interact with the company itself and the providers so they can tamper the bills and they can have a new transaction. So it's not so easy to draw up, let's say a common picture of this kind of frauds. But normally, they move between those schemers. They are trying to take leverage from people and make leverage base from the systems. So redundantly in this year of all the most common schemers trying to cheat their financing records. So normally they send an e-mail or make a phone call, we have some recently that are going for WhatsApp messages or WhatsApp voice messages doing this. But mainly they try to impersonate the CEO, so they put the person on the financial director because allegedly there's a transaction that needs to be done to pay for a provider. In case they don't do it in less than two hours, this would be loss and that would be a huge damage to the to the company. So they make sure that you cannot contact the CEO because they normally tell the people that they are just in a plane or they have an urgent meeting now or they're in some kind of strategic meeting so they cannot talk. So they try to make sure that the financial directors, they cannot double check the changes on these transactions. So they make sure that they have enough pressure on them. So they make the movement just without thinking and they forget about the protocols, forget about double checking things. They don't even check the country the bank account they are sending the money because sometimes they are paying a provider which is allegedly in Australia, and they are sending money to Hong Kong or some other countries. So in the other side the criminals which are expecting that money, are there so quickly to go to the bank and start moving the money and spreading that in some more small amounts and they use different accounts, because as you can imagine just going to the bank and trying to withdraw €10 millions in cash, it's almost impossible. So they do not only have the main account which is using the fraud schemer, but you also have some side accounts which are normally used to spread the money and make the police activity more difficult and trying to make the recording of money more and more complicated for the company. We normally are prone to think that, since their main for the schemer which is just selling that basic e-mail or WhatsApp ID or something like that is quite simple. So we normally think that this can be made by simple people or guys who are trying to take the money from the company. But as I mentioned before, all this frauds requires not only the technical infrastructure to impersonate the e-mails or send the messages, whatever to try to make the finance director order the transaction, but you need a huge economical infrastructure behind that in order to receive the money, spread it in different accounts, just split it into small parts so they cannot trace it. So normally, the guys operating this kind of fraud scheme are premier galaxy, so they're well organized, they know what they are doing, and they obviously have a huge infrastructure of [inaudible] and fake accounts. Let's say financial institutions or companies or let's say, cover companies they normally use to move all the money. So even though the guy who is sending the e-mail, trying to bring deliberate forming of weakness of the financing director, can be a simple guy who has been hired just for doing that or for accrediting the email servers, which is invested in the company or registered under different domain just using some typos, even though these kind of crisis which are doing their main activities of the work could be simple guys which are not involved in criminal cases. The people behind that, the people receiving the money, the guys who are really orchestrating this kind of frauds, they are obviously capable of very sophisticated and a huge organization. Not only for us, but also for the companies who have to deal with this kind of replicas, once they form committees, I mean once the financing liquid has sent the transfer. It's quite complicated to stop it and to recover the money. For law enforcement, it is not so easy to start tracing the money because they know as they know how we work and they try to use different countries in which, we as European law enforcement we don't have the power and abilities that we have here in Europe. So they normally use countries that barely have legal agreements with us. So it becomes very complicated for us following that. But just regarding the investigation after the frauds, is quite simple because it's just following the money and trying to untangle the economic infrastructures that they have. So it's not so complicated that, the main problems when you try to link with countries that you normally don't work with them and they don't know you, they don't trust you and we don't have the legal agreements for that. So from my point of view, the main opportunity for companies trying to help companies on law enforcement living with this threat should be more focusing in detecting threat and just creating some kind of preventive measures. As I mentioned before, most of the tools and systems that are used to commit this kind of frauds, they are based on a human level. So most of them they are using fake domains, that can be similar to the companies based on typos or using different character for different alphabets because even for us, we see an A and its arrays visualize inside, an A from the Latin alphabet and an A from Syriac alphabet, it is completely different from the system. So you can register that domain name using Syriac letters and they can be quite similar to yours. So my opinion is that, companies or starters that want to help fight this kind of crimes, they should invest their produce ADS in creating some kind of Warning System or early warning system that may prevent companies to be attacked. Apart from that, there are some other things that is not normally discussed in this kind of frauds, but we the guys who work on the technology, we know that we have several assistance to protect and make email more secure, and while we are in our [inaudible] systems, but the problem is that, most of the companies are not using that, is not well implemented. It doesn't have the proper guidance about which kind of emails should be accepted or not. So if somebody is able to create a kind of a centralized system, that allows to implement this kind of message from an non effort way for the companies because normally you have to identify your IP address of the email servers. You have to go there, get your tics, defies, registries do all the work. Even if you are able to do that, you're not safe because, it's not only on your side it depends on the other sides. So if somebody is able to create a centralized system or a global system that provides this kind of protection to companies or to all the email services around the world. That look nice, so my recommendations is that people just start focusing in preventing the crime and detecting these kind of threats. So they should focus on creating establishes of early warning systems, that may allow people be aware that they are being targeted before the fraud has been committed and creating this kind of a globalized services that may protect companies. It's really [inaudible] from my side because I'm not working in the private sector, so I'm not the one dealing with a company and dealing with the business interests and trying to find a balance between the business and investment and the risks and these kind of things. My personal opinions is that this kind of frauds or threats, should be included in the risk management because most of the things that a company can do to avoid this kind of frauds, they are more related with their internal protocols, the way they work, because as far as we know, all the cases that we have detected in which say the more frauds not committed and they were able to stop or prevent the money to be transferred. It was because it was a very strict protocols or who has to offer as these kind of transactions? How much time they have to wait before they want to change the the bank account of the providers? Which are their procedures to make those changes be real? So this kind of message which obviously affect organization and the way people work may have a negative impact into the business because sometimes, it's true that you need to make an urgent transaction because the business is just quick and they need to get the money, as soon as they can. But that's why I mentioned the risk management, you have to put in the balance, the amount of money you can lose if you apply this more strict protocols or procedures to sign transactions. On the other hand, just think about the possibility of being a victim of this kind of frauds and how much money you can save for your company if you implement these kind of things. So including these kind of threats inside the Risk Management System of the companies, may allow you to have a complete piece in an overview or what is happening with you? How protected you can be? Obviously is not only about just creating some indicators about how much money do you saving to the company? Or how much money you are making the company lose because you're applying very strict protocols, it's not only about that. It's about prevention as well because you can just focus on detecting their possible fake domains or fake companies that may impersonate your company. But apart from that, if you finally become a victim in these kind of frauds, you should go to law enforcement and we can help you because most of the times, as soon as you can report this kind of threats, the sooner we can just address to the country, identified the right people there and make sure that your money can be tracked and return to your company.
