JUST before the weekend we mentioned the 'Nigerian' scam (E-mail pleas for funds) that the EPO had become a victim of, which is curious as the EPO, over at its Twitter account, warns people like applicants about bogus requests for payments (while the EPO itself falls victim to that). We saw that about half a dozen times in recent months alone. Speaking of the EPO's Twitter account, the EPO's PR people are working weekends again (this one is from today, Saturday) and for 3 days in a row now the EPO promotes the UPC over at Twitter (not hiding the agenda and its meddling beyond its scope of authority). No sense of integrity there. We are frankly not sure who's worse, the scammers or the EPO's management whose abuses cost a lot more money.
The DKPTO is ended up in an embarrassing situation after a ‘managerial employee’ was tricked by a sham-mail and transferred 900.000 EUR to a Chinese bank. Even though the money were returned to the DKPTO in the end the director JK is aware that something has to happen as a consequence of the embarrassment.
On 11 May this year a ‘managerial employee’ of the DKPTO, which is arranged under the Ministry for Trade and Growth, was targeted by a so called ‘CEO FRAUD’ -sham.
The employee got a mail from a person who pretended to be the director of the DKPTO, and the mail stated that the director wanted a transfer of 900.000 EUR to a Chinese bank for purchase of shares in a Chinese company – all done with discretion.
Following that the employee had exchanged mails with the person pretending to be JK, a transfer of the considerable amount of 900.000 EUR was arranged.
Only two days later when the fake director again contacted the DKPTO in order to have another 900.000 EUR transferred to a Chinese bank, the employee became suspicious and contacted his superior who contacted the director [JK].
Internal investigation
The money were returned few days later with the help of the police and the ‘Danske Bank’. But, important damage had happened which is basis for investigation by the police and internal investigation in order to understand how the DKPTO could be tricked by what in general is known as a ‘Nigeria-mail’ - though an extremely sophisticated specimen.
Right now status is that we are in the middle of an investigation. We have lawyers working on the investigation and the police is involved. The first couple of days we were busy recovering the money but now we are going to have an investigation of how it could end up so wrong says JK to BT.
How could it happen that a managerial employee was tricked by what many knows as a sort of Nigeria-mail?
The core problem in this situation is that control can be put in place but if the employees are not sufficiently attentive mistakes can happen. Right now I focus on the personnel. Con-persons like in this case are becoming more and more sophisticated. It is possible that we should have realized that something was wrong in this correspondence, but it was carried out in a really smart way. Technically seen the resemblance was very good and the persons behind had done an elaborate job. They had written the mail in a manner similar to how I write, explains JK, who also explains that the mail was written in Danish which means that the mail distinguishes itself from most sham-mails that end up in the in-tray of ordinary persons.
We do not know who is behind
When you say that they had copied both the technical characteristics and the way you write, do you then suspect that it relates to something internal at the DKPTO or someone who knows you?
Right now the police is carrying out an investigation so I cannot say before we know more, but I do not think that it is something internal. And, we do not know who is the person behind.
What are the consequences for the managerial employee?
This is a personnel issue and I will not comment on that.
What will be the consequences for the DKPTO?
Even though we managed to have the money returned we have had a slap in the face. And, it will result in increase of control among other for transfer of money, such that in the future three signatures will be needed instead of two. I have been in contact with our IT-technicians who say that nothing can prevent mails like the one the employee received. And, it is not certain that anything can be done concerning the procedure. So, it is about the human factor where we have to improve in spotting when people try to trick us. And, these people who try to trick – not only us – are at least as skilled as we are or even better.