Types of business fraud. Protection against external fraud. Types of money fraud

Most small business owners mistakenly believe that everything in the company depends on them, and do not spend time and money on protecting the business from different kinds of scammers. This kind of irresponsibility can have negative consequences. Recently, attackers have been using a completely new way of taking money from small businesses. At the moment, the fraud scheme has not yet become widespread, but more than 100 company owners have already suffered. In this article, we will discuss how attackers can simply rob you of your money.

How do scammers take money from businessmen?

It happens as follows: a certain company, let's call it LLC "Horns and Hooves", files a statement of claim with the Arbitration Court and attaches a fake IOU or a fake act of work performed, on the basis of which it can safely sue for about 300,000 rubles. In the best case, you will find out about the debt when you receive the writ of execution, and in the worst case, after the funds have been debited from your account. How does this happen?

The fact is that the court's decision in this case will be absolutely legal. The Arbitration Procedure Code (APC RF) provides for the possibility of debt collection from a legal entity in the amount of up to 300,000 rubles without calling the parties to court. While you are at a loss as to where this creditor came from, the bank will legally (according to a writ of execution) write off the money from your current account. As practice shows, it is practically impossible to return this money in the future, and the return process itself is very long and costly.

However, there have been cases when the alleged creditors received more than 300,000 rubles from businessmen, even though the simplified procedure was not available for such a trial. How is this possible? When a notice of the court session is sent to you, the address (street name, house number, and so on) may be accidentally "confused". Accordingly, the letter does not reach the addressee, and the case has to be considered without the defendant, which undoubtedly plays into the hands of the fraudsters.

It is mostly small businesses that suffer from such fraudsters, but there are also quite large companies that could not properly protect their activities and prevent illegal actions against them.

How to avoid becoming a victim of scammers?

Undoubtedly, small companies are ideal targets for such schemes. Often such firms have no lawyers or dedicated staff who would track cases in the Arbitration Courts. In addition, managers are more concerned with monetary issues and ways to promote the business than with the legal intricacies of running a company and other possible dangers.

Of course, it is easier to prevent the occurrence of a case of fraud than to deal with its consequences. Most importantly, remember to check your mail regularly, especially if the postal and physical addresses are different.

It is also a good habit to visit the website of the Arbitration Court on a monthly basis. It contains all the information about the court cases accepted for proceedings. Check the website for information on claims against your company. If such information appears, immediately contact the court for clarification.

If you are afraid of forgetting to check information about litigation, you can set up monitoring for the name of your company in state registers, for example, in the unified federal register of bankruptcy information, bankrot.fedresurs.ru. If any information about the company appears, a message will be sent to your e-mail address. In addition, you can immediately see who has filed a claim against you and what their claims are. In this case, you do not need to hire additional employees to protect your business, since you can do everything yourself.

If you were deceived by scammers

If the fraudsters still managed to file a claim with the Arbitration Court, and you received a writ of execution on the collection of a false debt, immediately contact the bank in which the company's current account is opened. The faster the better. The bank examines the requirements for the writ of execution within 7 days before debiting the amount specified in the document from your account.

In addition, you need to contact law enforcement agencies with a statement about the fraudulent actions committed against you. Then go to court with a counterclaim to cancel the decision to collect the debt. While the proceedings are ongoing, the execution of the first judgment will be suspended. The court will appoint expert examinations and other investigative actions. This process is very long, but it is possible to prove that the documents presented to the court are false and to get your money back. However, it is unlikely that the perpetrators will be found, since "one-day" firms are usually used for such actions, and their real owners always remain in the shadows.

If the worst happened and you received the writ of execution later than the bank, or the document did not reach you at all, and you could not warn the credit organization in time, then get ready for a long and exhausting struggle for your money through the courts and law enforcement agencies. The sooner you start to act, the more likely it is that the seized amount will not have had time to move from the account of the alleged creditor to the account of another shell company.

Summing up the article, let us once again remind you that you must not forget about protecting your business, especially since some of the methods are quite simple and do not require financial costs. Check your mail regularly and track events on the website of the Arbitration Court. As the saying goes: forewarned is forearmed.

From the point of view of the Criminal Code, fraud is the theft of property through deception or abuse of trust. Business fraud is as rife as ever. What tricks do attackers use to take advantage of the gullibility, carelessness, or negligence of entrepreneurs?

Fake payment for goods. An equipment wholesaler from Moscow receives a rush order for a prepaid delivery from a potential Moscow customer. An invoice is sent to the client by e-mail. After a couple of hours, the supplier receives a payment order for the goods. Without checking the receipt of money, the supplier ships the product. And then he discovers that no money from the client has been credited to the account.

In such cases, fraudsters rely on the seller's negligence when checking the payment, caused by the desire of managers to receive a bonus based on sales results. As a rule, such payments come on Friday evening, when the banks are already closed. The buyer begins to actively persuade the seller to urgently ship the goods. Finding it in a couple of days is almost impossible.

It is always necessary to check that the money has reached the account before shipping products.

Interception of e-mail. If the company does not have its own mail server, but uses free services, they can be hacked and important emails can be intercepted.

A supplier of engineering equipment based in the capital was negotiating a delivery to Vladivostok. Prepayment was assumed, and negotiations were conducted by e-mail. The supplier sent the invoice to the buyer by email. The latter assured that he had paid, the products were shipped, but the money was never credited to the supplier's account.

It turned out that the buyer received a fake letter with an invoice attached. It contained the details of the fraudulent company. The attackers intercepted the supplier's original letter and replaced it with a forged one. I advise entrepreneurs to use their own mail server, track the flow of money and check counterparties before starting cooperation.

Re-registration of the counterparty. The debtor counterparty invites you to transfer old debts to a new company in connection with a change of legal entity? The traditional change of the operating company every three years in order to avoid tax inspections, it would seem, does not raise suspicion, but it can also be a signal that they do not want to return the debt to you.

Therefore, you need to check what has changed for the counterparty: has there been a change in director, address, founders. To do this, you can use special counterparty verification programs that will also check the filing of claims, blocking of accounts, etc. It is also recommended to require surety for the debt from the beneficiaries of the company or its early return.

Fabrication of false documents and websites. An example from practice: a buying firm asks for a large consignment of goods with deferred payment, but is ready to pay an advance of 30%. The security service, having checked it, gives the go-ahead. But after the conclusion of the contract, the advance comes to the supplier's account not from the buyer's account, but from an individual. The buyer explains that this is faster and more convenient, and the seller who received the advance is unaware of the threat. After the goods have been shipped, the buyer disappears. It turns out that all the documents and the buyer's signatures on them were forged.

Another variant of fraud - a certain company creates an online store to sell a product in demand at a good price with excellent delivery terms. Buyers enter into contracts and pay advances. After a while, the firm disappears.

Therefore, entrepreneurs should implement an algorithm for a thorough check of counterparties (call by official phone numbers, analyze the site, find out the beneficiaries), check the powers and documents of the signers, and in case of payment not from the buyer's account, find out the reasons.

Unfair mediation. Entrepreneurs often look for intermediaries to solve delicate administrative or commercial issues. Through acquaintances or on the Internet, they find people who are ready to solve the problem. Payment is usually made in cash or through shell companies. After the advance payment, the intermediary disappears. There is only one piece of advice: do not rely on intermediaries and act only by legal methods.

Fraud through an affiliated firm. Often the business is split into an asset holding company and an intermediary operating company that communicates with counterparties. Such a scheme often becomes the reason for default by the intermediary.

A businessman signed a deal on the supply of fuel from Russia abroad, and found a suitable vessel for its transportation. In order to optimize taxation, the shipowner company offered to conclude a charter agreement with an offshore company. But after $3 million of fuel had been loaded onto the ship, it turned out that the goods were spoiled because the ship's tanks had not been properly cleaned. The litigation lasted three years, and the ship owner escaped responsibility, since the contract was formally concluded with an offshore company.

Tips: Make deals with the parent company that owns the assets and ask for surety from the beneficiaries or from the parent company itself.

Cargo fraud. Frequently, cargo transported by road is stolen due to the high cost of goods that fit into a truck and the simplicity of the methods of theft.

Usually, an entrepreneur orders cargo transportation from forwarding companies, choosing the one that offers the most favorable tariff. But most forwarders do not have their own vehicles, so they look for a carrier with a vehicle for each order. The forwarder often does not have time to check his counterparty and makes an agreement with him by e-mail, without even a personal meeting. This is what scammers exploit.

Within a few hours after the order, the cargo may end up with the swindlers, and the customer will be calm, because he turned to a familiar forwarder. The cargo is usually reloaded in several places to cover the tracks. Finding it is almost impossible.

The freight forwarder is responsible for the loss, but he may not have enough money to compensate for the loss.

Therefore, you should sign surety agreements with the beneficiaries of forwarding companies, insure transportation and work only with trusted and large transport companies. Also instruct drivers, against signature, that if the carrier calls about changing the place of unloading, they should immediately inform the customer and the police by phone - although the driver himself may be a member of a group of fraudsters.

Business fraud today is very common and painful for entrepreneurs, business owners and companies. I wrote this book, among other things, because I myself have repeatedly found myself a victim of scammers. I think my ignorance of things worth knowing played an important role in this. Read this book. It can help make you less vulnerable to fraud.

III Types of business fraud (corporate fraud)

Let's look at a number of business fraud types (corporate fraud types) using material from the London National Fraud Bureau (NFIB) website.



3.1 Account and Application Control Fraud

Account fraud


Account takeover can happen when a fraudster or cybercriminal poses as a genuine customer, takes control of your account, and then makes unauthorized transactions. Any account can be taken over by scammers: bank, credit card, email, etc.

Online banking accounts are usually taken over by scammers through phishing, spyware, or malware. It is a form of internet crime or computer crime.

Fraud has been committed if you have lost money.


Application fraud

Application fraud happens when an account is opened using fake or stolen documents in someone else's name. Fraudsters then use these accounts to withdraw cash, obtain a loan, or carry out other fraud.

Preventing identity theft can prevent application fraud. Know what information you need to protect. Keep your data private and keep confidential documents in a safe place. If you no longer need a letter or document, destroy it: tear it up before putting it in the bin, or even burn it. Always keep a close eye on your finances and loans.

You may receive letters or e-mails confirming new cards or loans you have not applied for. You may find yourself paying for a subscription or direct debit that you are not aware of, such as for a mobile phone that you do not own.

If you are a victim of identity theft, you may become a victim of application fraud; your data can be stolen and used to open a new account in your name.

Fake accounts are usually opened with banks or credit card companies, since these give fraudsters quick access to funds using the victims' data.

But fraudsters can also use the data to open other accounts in your name, such as a mobile phone contract, which will then be billed to you.

Application fraud is different from account fraud. In this case, the criminals use your data to open completely new accounts, whereas in the case of account fraud, you yourself handed over the data. The difference is that victims may be completely unaware of application fraud, since the account was opened without their knowledge.

3.2 Bankruptcy Fraud. Betting and Gambling Fraud

Bankruptcy fraud

Bankruptcy and insolvency fraud can involve companies trading fraudulently just prior to being declared insolvent, or phoenix companies.

A phoenix company is one created after another company is declared insolvent: a new company is set up overnight with the same attributes, but it is not responsible for the losses of the previous business because the two appear to be different entities.

Bankruptcy and insolvency fraud also includes illegal trading when a business is suspended or disqualified. Bankruptcy describes a person's financial status. The victims of bankruptcy and insolvency fraud are typically businesses that have provided loans to the bankrupt, such as credit card companies. Fraud has been committed if money was lost.


Betting and gambling fraud

Betting and gambling scams occur when you are offered inside information or supposedly foolproof systems that guarantee you a profit from gambling - on horse races, football or various sporting events.

Beware of any scheme that guarantees you a win; gambling by its very nature means staking money on an unknown outcome. Don't place bets on behalf of someone else, especially someone you don't know. Ask yourself why someone would sell their secrets if they really have the knowledge. If this sounds too good to be true, it may not be true.

How does this happen? You receive a glossy brochure introducing you to a sports insider who has a track record of winning bets. You are asked to pay a subscription fee in advance so that you can receive confidential information that will give you an advantage. You are told that the player cannot place their own bets because the bookmakers know them; they need you and others like you to place bets on their behalf.

The inside information you are offered is usually about horse racing, but it may involve betting on any sport. Scammers do not have inside information or unrivaled systems that guarantee winning bets, and you will not be able to increase your chances of winning through these schemes.

In some cases, scammers will use false testimonials from others who claim to have taken their advice, or give examples of races where they were right every time. You will be asked to pay a subscription fee for sending you supposedly confidential information.

You may be given a free bet to get you started. This is either a firm favorite, or a "secret" tip where other victims were given all the other possible outcomes in the same race or event, so it only takes one winning victim to mistakenly believe the system is working.

Fraudsters will keep the down payment, your bet or subscription, and will cut off contact with you if your bets lose. It is against the rules of racing for people in the industry to pass on confidential information, so it is unlikely that anyone with inside information will advertise it.

3.3 Business Directory and Publication Fraud

Business directory scam

Business directory scam occurs when your business is offered free advertising by mail, email, or fax, but is then billed for the service.

Protect yourself. Train your colleagues. Employees who handle external communications need to be prepared to challenge calls, letters and invoices. If you get an offer, do your research. Is the directory legitimate? Is the company offering you a listing registered with any trade authority?

Check everything you have that relates to directories. Don't pay an invoice without questioning it; scammers want you to mistake their listing for one of your company's genuine directory listings.

How can this happen? You receive a call asking you to verify your company details for the directory service. You receive a form offering a listing, which you are asked to complete and return to the sender whether you want to be listed or not. Your company is billed or receives final demands for directory listings you don't remember signing up for.

How can this happen? Scammers send the company a form by mail, email or fax, offering a free listing in a business directory, either printed or online. You are prompted to return the form even if you do not want to place an order, but the small print states that by returning the form you are placing an order and will be charged for directory entries.

This is a kind of phishing or misrepresentation fraud: the directory may not be as well known as claimed, or may have very few copies in circulation, and in some cases it does not even exist. Then your company is presented with a fake invoice, with the scammers hoping that the money will be paid to them without question. If your company questions the invoice, the bogus publisher may try to present itself as a debt collection agency and send threatening letters.


Publishing Fraud

This type of scam happens when cold callers contact businesses and sell ad space in a fictitious publication for a seemingly good cause. The person who receives the call is given the impression that the publisher is working with local charities, emergency services, crime prevention or other worthy causes. Sometimes the caller will say that the business placed an order earlier or even that someone from the business agreed to take out the ad space. Scammers can also send invoices, regardless of whether the victim has agreed to accept the ad space. They can follow up invoices with threats of legal action. Beware of those who claim to be one of the following:

Charitable society.

Rescue service.

999 services.

Rehabilitation projects.

This type of scam is now moving towards scammers posing as bailiffs, using pressure tactics to inform victims that they must deposit money through the courts. Victims then transfer the money to the suspect's bank account, even when they are not sure if they ever agreed to advertise in the magazine. Please do not send money to these scammers. Fraud has been committed if money was lost.

3.4 Check Fraud. Domain name scams

Check fraud

Check fraud is when someone gives you a check that they know cannot be paid into your account. The scammers have stolen or forged it in such a way that the bank will not accept the check. As a result, you are left out of pocket for whatever the check was supposed to pay for.

Only accept checks from people you know and trust. Ask whether other payment methods can be used, depending on the amount of money involved. Always use a pen when signing a check. Write clearly and put a line through all empty spaces.

Look for signs of a trick. Maybe there is something suspicious in the check itself or in what is written on it. Check it out. For example, you may have been given a check for more money than agreed and asked to pay back the difference.

How can this happen? Fraudsters can use one of many ways to pay with bogus checks. The money from their check will never appear in your account, so they obtain goods, cash, or services from you without paying in return. They can use a counterfeit check that a fraudster has made to look real, or a check that is genuine but stolen from someone else and carries a forged signature.

Alternatively, they can give you a check that has been tampered with in some way, so that it looks good to you but will be rejected by the bank. In some cases, they may use disappearing ink when writing a check, so the amount or the signature is gone by the time your bank processes it.

You can lose even more money through overpayment. This is when someone pays you or your business using a fake check that is written for more than the agreed amount. They will give you a reason for the additional amount and ask you to send it back to them. If you hand the difference to the fraudster in cash, the check then fails to clear, and the fraudster cuts off all contact.

Fraudsters often use this check overpayment technique for fictitious job offers or sales through classified advertisements.


Domain name scams

Domain name scams are when you are offered a website address and falsely billed for it. Protect yourself.

Do not respond to cold calls offering to sell you domain names. Don't buy under pressure. Do your own research with a supplier you know and trust. Know how much it costs to buy a domain name. Know who is supplying your domain name, and be prepared to dispute any invoices from suppliers you don't know.

You are called out of the blue with an offer of a domain name that is very desirable for you. You are told that someone else is about to buy the address, and you need to decide right now if you want to have it. You end up being billed for a domain name you don't use, or by a vendor you never bought anything from.

How does this happen? Scammers find domain names that are right for you or your business. They put you under pressure to buy quickly, so you don't have time to verify their authenticity, or how much the domain name really costs, or even whether it is for sale at all. They can take your payment details and sever all contact afterwards without giving you the promised domain.

Some scammers send bogus invoices for domains you don't have, or they look up domains you own and make it look like your real supplier is asking for renewal fees.

3.5 Use of Assets and Information. Fake invoice fraud


Use of assets and information


This is when the assets of an organization are used for unofficial purposes. Asset and information exploitation scams can include those who provide information to outsiders for personal gain. This type of fraud does not include insider theft from the company, such as theft of stationery.


Fake invoice fraud


Fake invoice scams happen when fraudsters send an invoice to a company requesting payment for goods or services.

The invoice may indicate that the due date has passed or you may be threatened that non-payment will affect your credit rating. In fact, the invoice is fake and is for goods and services that you have not ordered or received.

3.6 Fraudulent Accounting. Fixed-line fraud

False accounting fraud

Accounting fraud occurs when a company's assets are overstated or understated in order to make it appear that a business is financially stronger than it really is.

False accounting fraud involves employees or organizations altering, destroying or defacing any account, or presenting the accounts of an individual or organization in a way that does not reflect the true value or financial performance of that company.

False accounting can occur for a number of reasons:

to receive additional financing from the bank;

to report unrealistic profits;

to inflate stock prices;

to conceal losses;

to attract customers by appearing more successful than the company really is;

to receive a performance bonus;

to hide theft.

Whatever the reasons for false accounting, they are all motivated by the need to falsify records, change numbers, or perhaps keep two sets of financial accounts.

It is difficult to detect account falsification, especially if you run an organization. Some examples of false accounting fraud include:

an employee making inflated expenses;

a customer or employee who falsifies accounts in order to steal money;

an employee using false accounting to cover up losses arising from trading or fraudulent activities.

If you are not alerted to the problem, you will not be aware of any losses or the criminal activity that is causing them.

Fraud at the “extreme end of the scale” may mean that the company has suffered serious financial losses and / or is trading while insolvent.

What if you are the victim of false accounting?

False accounting is a criminal offense. Therefore, it is necessary to contact the appropriate authority, and it does not matter how much of the stolen money is in question.

Your organization may also consider taking action to recover any damages from employees who commit fraud. You need to find out the nature and extent of any losses. This can be done by your own accountants or external consultants, but don't wait for them to finish their job before you report the fraud.

Protect yourself from false accounting fraud. Your organization can take the following steps to protect itself from false accounting:

presentation for discussion;

control of access to buildings and systems using unique identification and passwords;

restriction and careful monitoring of access to confidential information;

ensuring a clear division of responsibilities;

consideration of the issue of work rotation;

use of multi-level powers and signature levels for payments;

regular reconciliation of bank statements and other accounts;

implementation of audit processes and procedures from time to time;

promoting a culture of awareness of fraud among employees;

adoption and implementation of a zero-tolerance policy for employee fraud;

preparation of a clear response plan in the event of fraud detection.


Fixed-line fraud

Fixed-line or premium rate fraud is fraud committed against phone companies. Fixed-line fraud can be carried out in several ways.

In some cases, scammers gain access to the switch and sell other people the ability to make calls through the switch. This is called Dial Through Fraud (DTF) or Direct Internal System Access (DISA) fraud.

Fixed-line fraud can include premium rate fraud, which occurs when scammers significantly increase the number of calls to a premium rate number in order to increase the revenue generated from it.

The fraudster does not intend to pay the bill. The final form of fixed-line fraud involves fraudulent applications. In this type of scam, the fraudster applies for a phone service under a false name and leaves a bad debt.

3.7 "Government Agency" Fraud. Insurance fraud

"Government agency" fraud

Government agency scams involve fraudsters who send official-looking letters or emails requesting money or personal information. The correspondence gives the impression that it comes from a government department and implies that the senders have some form of authority.

A letter or email may tell you that you must register in order to comply with some laws - for a fee.


Other types of fraud

ATM Fraud

"Skimming"

We have already mentioned skimming above, let's talk about it in more detail.

For an acquiring bank, skimming is no less of a headache than for the financially liable issuer, especially since the issuer and the acquirer are often one and the same victim. Unfortunately, in most cases the acquirer is the last to know about skimming, learning of it only when the affected issuing banks have worked out at which device the cards were compromised. Less often, the acquirer's own services or vigilant customers are able to spot ATM overlays and remove them. But even in this case, the cards on which transactions were carried out while the overlay was on the ATM are subject to blocking and re-issuance. Here, payment systems serve as the link for the rapid exchange of information between banks about compromised cards.

To counteract skimming, ATM manufacturers offer various anti-skimming devices integrated into card readers (Fig. 1.3), and shields that hide the PIN keypad from prying eyes (Fig. 1.4).

Anti-skimming devices make it physically impossible for criminals to install skimming overlays and can be equipped with sensors that stop the operation of the ATM if the card reader slot is damaged. Some models of anti-skimming devices are equipped with a function called Jitter - uneven movement of the card in the card reader, which makes it difficult for a skimming overlay to read the magnetic stripe.

The banks themselves also try to organize protection on their own: they show a screensaver on the ATM or put up printed posters with an image of what the front panel of the ATM should look like, and jam mobile phone signals in the area where ATMs are located to prevent the transmission of copied data via GPRS.

According to the ARCHA Association, in the first six months of 2009, 30 cases of skimming were recorded in Russia. Losses from skimming in 2009 amounted to 771 million rubles.

Anti-fraud measures:

Periodic inspection of ATMs by technicians and collection service to detect any foreign objects on the front panel;

Placement of ATMs with safety in mind for customers, technicians and collectors;

Organization of a security zone in front of the ATM;

Equipment of ATMs with video cameras;

Installation of anti-skimming devices;

Placing a photo of a standard card reader on the ATM splash screen;

Use of unique stickers to seal the ATM keypad and card reader panel.

Cash withdrawal with cards stolen together with the PIN code

Very often cardholders compromise the PIN code issued for their card through their own actions. Cardholders cannot or do not want to remember the PIN code, so they write it on the card itself, in a notebook or in a mobile phone, or carry the PIN envelope in their wallet. Sooner or later the card and the PIN code are stolen together, with a predictable result: the thief withdraws the money at the nearest ATM before the client has called the bank and the card has been blocked.

The PIN code can also be compromised at the very moment the legitimate holder performs a cash withdrawal at an ATM or POS terminal. An outsider who "accidentally" happens to be nearby can spy on the PIN code over the shoulder or from a distance using optical devices, and it is not difficult for professional pickpockets to steal the card itself. With the growing number of chip cards and the introduction of the PIN requirement for Maestro cards, compromise of the PIN code at the moment of entry has become an urgent problem.

To obtain a PIN code on the spot, fraudsters can introduce themselves as bank employees, for example at a non-working ATM, and offer their help in carrying out the operation. The customer is asked to use the ATM and enter the PIN code in their presence. After that, either the cardholder becomes a victim of skimming, or the card is simply stolen or swapped.

"Friendly" fraud

Use of the card by a family member, colleague or friend without the cardholder's permission. Most often this concerns completed ATM cash withdrawals that are disputed by the legitimate cardholder. It should be noted that collusion between the holder and the "friend" cannot be ruled out.

According to the National Agency for Financial Research (NAFI), in Russia 9.9% of cardholders have handed their card to third parties, 11.6% keep the PIN code with the card, and 19.8% have lost a card, of which 2.29% lost the card together with the PIN code.

Anti-fraud measures:

Training of cardholders in measures of safe card servicing;

Equipment of ATMs with video cameras.

Lebanese loop (card trapping)

In this type of fraud, a fraudster places a piece of plastic tape in the ATM card reader slot; the tape forms a loop that prevents the card from being returned. When the legitimate cardholder cannot get the card back, a “well-wisher” appears and recommends re-entering the PIN code. If the holder agrees, the fraudster spies on the PIN code "over the shoulder". The holder does not get the card back, and once the holder has left, the fraudster pulls the card out by the edge of the tape glued to the outside of the card reader.

Anti-fraud measures:

Equipping ATMs with anti-skimming pads on the card reader.

Card substitution or theft

While a card transaction is being carried out at an ATM, fraudsters distract the holder before the ATM returns the card.

The card is then stolen or swapped. The fraudsters act as a group: one distracts the holder, the other takes or swaps the card. The PIN code of the stolen card is observed over the shoulder.

Anti-fraud measures:

Training of cardholders in safe card servicing measures.

"Pinching"

This fraud is committed by the legitimate cardholder. The cardholder does not take the whole stack of cash from the dispensing tray, but only some of the bills from the middle of the stack. The ATM retracts the remaining money as “forgotten” by the customer. Before cases of "pinching" became widespread, card processing systems handled such a retraction as a full reversal, crediting the full amount of the undispensed funds to the client's card account. Cash collection at the ATM, identification of the shortage and the subsequent investigation made it possible to identify the fraudster, but by that time there were no funds left in the account, and it is very difficult for the bank to prove the fact of fraud. At present, amounts that an ATM has not dispensed for whatever reason are returned to customers' accounts only after the cashier has checked the results of cash collection.

Anti-fraud measures:

Equipment of ATMs with video cameras aimed at the tray for issuing bills

Cash Trapping (overlays on the cash drawer)

A fraudster places an overlay over the cash dispensing slot. The overlay is designed so that the banknotes dispensed by the ATM are trapped and do not reach the cardholder. When the client leaves without waiting for the cash, the fraudster removes the overlay along with the trapped funds.

Anti-fraud measures:

Equipment of ATMs with video cameras aimed at the tray for issuing bills.

Fraud aimed at collecting information about payment details of cards

Phishing and pharming

E-mails, SMS messages or phone calls that purport to come from the bank and ask for the payment details of a bank card, the PIN code or the client's personal data are called phishing, a blend of the English words phone and fishing. The method really does resemble fishing: a large number of "bait" letters are sent out by mass mailing, and then responses are collected from those who take the hook. The vulnerabilities exploited in phishing are the human factor and the bank's imperfect means of authenticating clients.

Recommendations for clients on how to identify a phishing letter are as follows: banks never ask for personal card data, except when the client is personally present at the office or through remote banking systems with mandatory client authentication. In addition, the text of the letter may contain grammatical errors, the client is addressed impersonally (for example, "Dear client!"), and the tone of the letter is alarming, warning of problems (for example, "loss of accounts") if the client does not provide the required information.

One variety of phishing is called “pharming”. The client types the correct address of the bank's website in the address bar but is redirected to a website controlled by fraudsters. The design of the fake site copies the original bank site almost completely and contains a set of fields to be filled in with personal data. The method can be applied either on the client's computer using "Trojans" (the table that maps DNS names to IP addresses is changed) or directly on the DNS server of the client's Internet provider. The client is confident that he is using the bank's services and enters payment details without hesitation. After that, the client's personal data becomes available to the fraudsters, and the client is redirected to the bank's official website.

To prevent pharming, clients should be advised to access remote banking (RBS) systems and perform operations in them only from their own personal computers running up-to-date anti-virus, anti-hacker and anti-spyware software. Otherwise, there is no guarantee that the computer is not infected with spyware that collects personal data (logins, passwords), or with Trojans that change the firewall settings and make the computer vulnerable to unauthorized access. USB tokens should be used to store key data.
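A defensive check for the client-side variant of pharming described above, added here as an example and not part of the original text: it parses a hosts file (the local table that maps DNS names to IP addresses) and reports every static entry for a watched bank domain. The domain bank.example, the addresses and the sample file contents are constructed for illustration.

```python
import ipaddress

# Constructed sample: a hosts file as it might look after a Trojan edited it.
# Names use the reserved .example TLD; addresses are documentation ranges.
SAMPLE_HOSTS = """\
# Static host table
127.0.0.1       localhost
::1             localhost
192.168.1.20    printer.lan                # legitimate local alias
203.0.113.45    online.bank.example www.bank.example   # injected
203.0.113.45    BANK.EXAMPLE.
0.0.0.0         ads.tracker.example
127.0.0.1       secure.bank.example
not-an-ip       bank.example
"""

# Hypothetical watch list: registered domains of the client's bank.
WATCHED = {"bank.example"}


def parse_hosts(text):
    """Yield (line_no, ip, hostnames) for every valid mapping line."""
    for line_no, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()   # drop comments
        if not line:
            continue
        fields = line.split()
        if len(fields) < 2:
            continue
        try:
            # Strip an IPv6 zone id ("fe80::1%eth0") before parsing.
            ip = ipaddress.ip_address(fields[0].split("%")[0])
        except ValueError:
            continue                          # not a mapping line
        # Hostnames are case-insensitive; a trailing dot is the DNS root.
        names = [f.rstrip(".").lower() for f in fields[1:]]
        yield line_no, ip, names


def is_watched(name, watched):
    """True for the watched domain itself or any of its subdomains."""
    return any(name == d or name.endswith("." + d) for d in watched)


def audit_hosts(text, watched):
    """Return (line_no, hostname, ip, kind) for each watched-domain override.

    A bank's site should resolve through DNS, so any static entry is a
    finding. 'redirect' means the name points at a routable address;
    'blackhole' means it points at loopback or 0.0.0.0 (site blocked).
    """
    findings = []
    for line_no, ip, names in parse_hosts(text):
        kind = "blackhole" if (ip.is_loopback or ip.is_unspecified) else "redirect"
        for name in names:
            if is_watched(name, watched):
                findings.append((line_no, name, str(ip), kind))
    return findings


if __name__ == "__main__":
    for line_no, name, ip, kind in audit_hosts(SAMPLE_HOSTS, WATCHED):
        print(f"line {line_no}: {name} -> {ip} ({kind})")
```

This only covers tampering on the client's computer; a poisoned DNS server at the provider leaves the hosts file untouched.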

Anti-fraud measures:

Training of cardholders in measures of safe card servicing, including through RBS systems. The client should be aware that banks never ask clients to tell or send them a PIN. The addresses of the sites of RBS banking systems contain https://, the sign that a secure communication channel is in use;

Using dynamic one-time passwords for client authentication.

Fake ATMs and cash dispensers

This is a rather exotic type of fraud for Russia, but it has many precedents in world practice. A device that looks like an ATM, either home-made or assembled from spare parts, is installed in the guise of a real one. In the United States, individuals are legally allowed to purchase ATMs to earn commission income, and fraudsters take advantage of this as well. In any case, the devices are installed for one purpose: to copy the magnetic stripe and the PIN code.

In Turkey, there have been repeated cases of tourists' card details being compromised in the so-called Post-office - offices that offer cash withdrawal by bank card with a minimum commission for the operation. You should also avoid offers from merchants to cash out through a POS terminal intended for checkout.

Anti-fraud measures:

Train cardholders in secure card handling, including the use, when abroad, of ATMs and cash dispensers owned by official local credit institutions. The location of ATMs and bank offices can be found in advance on the websites of banks or of international payment systems.

World practice in combating fraud shows that fraudulent activity develops in an evolutionary way: as new types emerge, old ones also improve and adapt to new conditions. Fraud is a dynamic process that requires constant analysis and prompt response from the banking community. By now, however, the means available to banks for protecting the magnetic stripe cards they issue have been exhausted. The severe financial and reputational consequences of skimming are forcing payment systems, credit institutions and their vendors to promote the technically more advanced EMV technologies. Sufficiently convincing statistics have been accumulated showing that fraudulent activity has shifted from European countries, which have migrated en masse to microprocessor cards, to the emerging markets of Eastern Europe, Russia and the countries of the Asian region. Also, as ATM and POS terminal networks have been modernized to support EMV, the volume of fraud has shifted to CNP transactions. The other side of the coin was an increase in the number of cases of PIN code compromise as the PIN came to be used more often. This example shows how important an integrated approach to security issues is, one that takes into account the interests and capabilities of all market participants.

At the same time, the majority of North American issuers are in no hurry to migrate to chip cards, and there has not been a dramatic drop in the cost of EMV technologies over the past decade either. We can say with great confidence that in the next ten years magnetic stripe cards, as well as hybrid cards (with a magnetic stripe and a microprocessor), will not leave the scene. This means that the security issues of the card business will remain relevant for all its participants. As already mentioned, what a single credit institution or processing center can do independently to ensure its own security is severely limited. That is why payment systems have developed, and are actively lobbying for, measures aimed at collective protection of all participants in the cashless payments industry. We are talking about the unified standards of VISA Inc. and MasterCard Worldwide, which define information security requirements and controls for widespread use. The main standard, the Payment Card Industry Data Security Standard (PCI DSS), will be described in detail in this book by subject-matter specialists. The chapter concludes with a summary based on the experience of fraud protection for the issuing bank and the acquiring bank.

Practical measures for comprehensive protection of the issuing bank

1. The current policy of ensuring the security of the issue of cards, which establishes the responsibilities and authorities of all departments of the bank involved in the issuance and maintenance of bank cards for protection against fraud, the distribution of zones and the degree of their responsibility.

2. Existing procedures for verification of client applications for card issuance.

3. Current regulations for safe transportation, storage, issuance of cards and PIN envelopes, destruction of unclaimed cards and PIN envelopes. Providing conditions for separate delivery and storage of cards and PIN envelopes. Sending cards only in a form blocked from use.

4. Control and accounting of card blanks, as well as produced, issued and destroyed cards.

5. Compliance of key-management procedures, personalization of cards, printing of PIN-envelopes, storage of card blanks with the requirements and standards of international payment systems.

6. Use of systems for on-line monitoring of authorization traffic with the ability to analyze and make decisions on suspicious transactions in order to minimize risks (refusal of authorization, card blocking, setting limits on transactions).

7. Use of systems for monitoring transactional activity based on clearing messages, including messages from the claim cycle, and making decisions on suspicious transactions in order to minimize risks (card blocking, setting transaction limits).

8. Monitoring of alerts of international payment systems (Security bulletins, Fraud Reporting: SAFE, FRS).

9. Mandatory training of cardholders in the rules of safe storage and use of cards. Free provision to cardholders of means of independent control of operations (SMS-informing).

10. Mandatory training of bank employees involved in the procedures for issuing and servicing bank cards in measures to protect against fraud.

11. Migration of issuance to microprocessor cards with the Chip & PIN service rule, and 3D Secure protocol support on the issuer's side.

12. Insurance of risks of the bank's card business against fraud by third parties.

13. Blocking and reissue of compromised bank cards.

Practical measures for comprehensive protection of the acquiring bank

1. The current policy of ensuring the security of the terminal network for servicing cards, which establishes the duties and powers of all the bank's anti-fraud divisions involved in the development and operation of the terminal network, the distribution of zones and the degree of their responsibility.

2. Existing procedures for verification of merchant applications prior to the conclusion of contracts.

3. Periodic inspection of the merchant: a visit by a bank employee to check that the merchant's activities match those stated in the application.

4. Use of systems for on-line monitoring of authorization traffic with the ability to analyze and make decisions on suspicious transactions in order to minimize risks (refusal to conduct an operation, blocking the terminal).

5. Use of systems for monitoring transactional activity based on clearing messages, including messages from the claim cycle, and making decisions on suspicious transactions in order to minimize risks (terminal blocking, merchant blocking).

6. Organization of monitoring of software, hardware and communication components of the ATM network for exposure to fraudulent influences.

7. Compliance of key-management procedures with the requirements of international payment systems, crypto protection of information transmitted through public communication networks.

8. Monitoring of alerts of international payment systems (Security bulletins, Fraud Reporting: SAFE, FRS, RIS, NMAS, MATCH).

9. Maintaining a database of merchants whose contracts have been terminated or whose applications for service at the bank have ever been rejected.

10. Support for the 3D Secure protocol on the acquirer's side, support for EMV in ATM and POS-terminal networks.

11. Mandatory training of merchant employees in the rules for accepting and servicing bank payment cards, security standards for international payment systems, identifying and suppressing attempts to use counterfeit and stolen cards. Clarification of legal responsibility for complicity in fraud with payment cards, personal responsibility of merchant employees for compliance with the rules of the bank and the Criminal Code of the Russian Federation.

12. Mandatory training of bank employees involved in the development and operation of the terminal network in measures to protect against fraud.

13. Insurance of risks of the bank's card business against fraud by third parties.

14. Compliance with PCI DSS card systems security standards.

Criminal liability for crimes in the field of bank cards

Losses in the field of payment bank cards

According to our estimates, based on the analysis of payment systems data, in 2009 losses from criminal encroachments on financial resources in the field of payment card circulation worldwide amounted to about USD 7 billion, while in 2007 these losses amounted to USD 5.8 billion.

In many countries much attention is paid to this problem, and special police units have been created to combat crimes in this area. This section analyzes the criminal and criminal procedural legislation of the Russian Federation and forensic practice, and summarizes the practical experience of banking security structures.

According to the Ministry of Internal Affairs of the Russian Federation, losses in the field of bank payment cards in 2010 amounted to only 9 million rubles, in 2009 this figure was 63 million, and in 2008 - 24 million rubles. However, the data of the Ministry of Internal Affairs of the Russian Federation does not give a complete picture of financial losses. It is rather difficult to obtain reliable figures for losses in the field of payment bank cards in the Russian Federation. The Central Bank does not keep such statistics.

The fact is that only the banks themselves have full information about thefts of funds from bank cards. Collecting statistics across the country requires some kind of mechanism. The Central Bank of the Russian Federation has no such mechanism: it has no way of motivating credit institutions to provide information, and at the same time it has no control at all over bank card transactions with which to verify the data provided. Unlike the Central Bank of the Russian Federation, international payment systems do have mechanisms for obtaining information on banks' losses and have been keeping such statistics for a long time. In Russia in 2009, 88.1% of turnover on bank cards was on cards of the international payment systems VISA (61.6%) and MasterCard (26.5%). However, this information is confidential and is rarely disclosed by payment systems. Employees of banks that are members of international payment systems have access to this information on an ongoing basis.

To determine the amount of losses in the field of bank payment cards, the authors used the following methodology:

The data of the VISA and MasterCard payment systems (in US dollars) are added together;

Based on data from the Central Bank of the Russian Federation, the share of these two largest systems and other market participants is calculated;

The amount of losses is scaled up proportionally, on the assumption that other payment systems incur losses only on stolen and lost cards (it is assumed that they have no losses on counterfeit cards or on the Internet);

The average annual exchange rate of the ruble against the US dollar is calculated and the total amount of losses is recalculated in rubles.

This technique has its drawbacks and errors. Losses of international payment systems are divided into issuing losses (losses on the issuer's cards) and acquiring losses (losses in the acquirer's terminal network - ATMs, merchants). Therefore, on the one hand, if the theft took place on a Russian card on the territory of Russia, the amount of losses will be counted both for the issuer and for the acquirer; on the other hand, if the issuer and the acquirer are one and the same entity, then most likely the amount of losses will not be included in the reports at all. Despite this, the authors currently know of no more accurate method for determining losses in Russia, and it does show the dynamics of changes in losses quite clearly (Table 1.1).

The data obtained, based on information from payment systems (PS), can be compared with the data of the Ministry of Internal Affairs of the Russian Federation (Table 1.2).

The comparison shows that the latency (concealment) of theft is about 95%: of the 989 million rubles stolen in 2009 from Russians' bank cards or from ATMs and trade and service enterprises, the Ministry of Internal Affairs of the Russian Federation was looking for only 63 million, while the remaining 926 million rubles, or 33 million US dollars, were appropriated by criminals with impunity. Information about these crimes did not reach the law enforcement agencies, so no criminal cases were initiated and no one even looked for the perpetrators. If we take into account that on the Internet a ready-to-use counterfeit bank payment card costs an average of $100-200 and can be used to steal $1-3 thousand, it turns out that the criminal carder business is very profitable and at the same time fairly safe (it goes unpunished). One involuntarily recalls the words of Karl Marx that no capitalist will stop at committing any crime if the profit is 300%. That is why the underworld long ago turned its attention to bank cards. Cross-border crime is very common, and law enforcement agencies in many countries, including Russia, are faced with international criminal communities.

To resist such a powerful criminal onslaught, a clear system of counteraction to criminal encroachments must be built in the country, including the legislative, judicial, executive (law enforcement) branches of government, commercial structures (banks, processing centers, payment systems). Unfortunately, we have to admit that there is no such system in Russia at the moment.

At the moment, according to data for 2009, the following types of theft in the field of payment cards are most common in the world:

1) carrying out transactions without the physical presence of the card (internet payments) - 41.08%;

2) transactions using counterfeit cards - 34.16%;

3) transactions using missing (stolen or lost) cards - 19.44%.

Thus, these types of theft in total in the world account for 94.68% of crimes.

In Russia, the picture of card losses is somewhat different. Losses from transactions without the physical presence of a card account for only 2–3% (this can most likely be explained by the underdevelopment of online commerce), while losses in the ATM network in 2009 amounted to 38% of all losses. Thus cash withdrawal from ATMs, the most secure type of operation from the point of view of bank card technology, accounts in Russia for practically the same share of losses as the riskiest operations, those on the Internet, do worldwide. The ratio of issuing and acquiring losses in 2009 was 41 and 59%, respectively (ATM losses: 38%, 62%). In 2010, there is a trend towards an even greater increase in the share of acquiring losses - up to 70%. This suggests that Russia has become a favorable country for the use of counterfeit bank payment cards. The most significant conditions that contribute to this are the ineffectiveness of the law enforcement system and the unreadiness of the acquiring network of Russian banks to accept microprocessor (EMV) cards. The share of terminals (ATM, POS) capable of servicing EMV cards of international payment systems in 2010 was about 65%, the share of EMV cards - 50%. This situation is well characterized by the average amount of one fraudulent transaction in the world and in the Russian Federation (Table 1.3).

As Table 1.3 shows, the figures for Russia are almost two times higher than the global ones.

Despite the relatively high losses from illegal transactions in the field of payment bank cards, international payment systems are not very concerned about this issue in Russia, since Russia's share in global losses is less than 0.5%. The undisputed leaders in this indicator are the United States (more than 40%) and Europe (more than 30%).

The distinctive features of corporate fraud are the difficulty of detecting offenses and the complexity of building an evidence base. Fraudulent actions within large enterprises are always deliberate and aimed at personal material gain.

Corporate fraud concept

Responsibility for crimes with signs of corporate fraud is spelled out in the Criminal Code. The legislator defines this kind of offense through a list of actions:

  • hidden theft of assets;
  • an attack with the use of physical violence on the owner of property in order to seize it (the victim can be subjected to threats, beatings or wounding with a weapon);
  • misappropriation of someone else's property and its subsequent embezzlement;
  • facts of extortion with the use of blackmail and threats;
  • open theft of assets;
  • causing material damage to the owner of the property through willful deception or negligence.

The reasons for unlawful activity lie in the perpetrators' ability to hide their involvement in what happened. They can count on the fact that it will be impossible to find direct evidence of their guilt, and that indirect indications alone cannot be the basis for criminal prosecution. An additional motivating factor is the chance to justify oneself in the eyes of colleagues and the company's management.

Fraudulent acts may also be prompted by the pressure of external circumstances: temporary financial difficulties, the need to urgently pay for expensive treatment, or an addiction to gambling or other habits that the person cannot cope with on his own.

Fraud types

Fraudulent activities can be classified into:

  • Internal, which are carried out by the management of companies and employees.
  • External, the participants of which are the company's counterparties and outsiders.

BY THE WAY! Internal corporate fraud is the most common illegal activity. Its distinguishing feature is ease of implementation, thanks to the access to tangible assets and monetary resources that employees have in the course of their work.

Internal fraud can be manifested in:

  • poaching the clientele of the enterprise;
  • supplying competitors with confidential information of a technological or financial nature;
  • forgery of documents using original seals and company letterheads;
  • attracting subordinates to carry out work outside the job description to meet personal needs;
  • early unjustified write-off of assets for the purpose of their appropriation, fraud with the payment of wages to employees.

By the nature of its actions, corporate fraud is divided into groups:

  • Corrupt activities.
  • Misappropriation of assets (cash or goods and materials).
  • Drawing up fictitious financial statements with overstatement or understatement of the amount of income (profit).

REFERENCE! The corruption component of fraud is manifested in bribery, granting preferences for a fee and extortion.

Schemes

Enterprises are characterized by the following corporate fraud schemes:

  • padded figures combined with mis-grading;
  • unreasonable write-offs;
  • double purchases;
  • unaccounted production of additional consignments of goods;
  • bribes;
  • fraud in the implementation of pricing policy;
  • illegal contract work.

Fraud with material values

During the delivery and acceptance of raw materials, the documents may show inflated weights or quantities of materials, or record a different type of product. Mis-grading can be organized for any product. The non-existent volume or mass is made up with earth, lower-grade products, garbage or cheaper analogs.

Fraud with goods and materials is easy to carry out if payments for products are made in cash at the place of shipment. Combining this scheme with ineffective incoming inspection and weak monitoring of the procedures for writing off materials to production creates favorable conditions for an increase in the volume of theft.

An example of deliberate mis-grading and unjustified write-off is the rejection of normal products, which are then sold to a specific buyer at reduced prices. The next stage is the sale of this product on the consumer market at market prices and the division of the profit between the participants in the scheme. Collusion between a supplier and an employee who is responsible for the installation of equipment or for the storage and disposal of products can take the form of the following scheme:

  1. Real purchase of a valuable product.
  2. The entire volume of production is written off (in fact, only part of the inventory was to be written off, the rest were fictitiously removed from the balance sheet).
  3. Re-purchase for the amount of fictitiously written off materials (its result will be a transfer of funds to the supplier without subsequent delivery).

REFERENCE! The scheme with fictitious write-offs and repeated purchases is most often used in relation to spare parts for transport and equipment, fittings and equipment.

The second method involving unjustified write-off concerns expensive equipment. Equipment in use at the enterprise is written off as unusable and beyond repair, removed from the enterprise and transferred to third parties. It is then refurbished and resold to the same enterprise or to another one in the guise of a new asset.

Manufacturing fraud

At production facilities, fraud can be based on overstating the consumption rates of raw materials. This makes it possible to write off more materials than are actually used and to resell the surplus on the outside market. The second option is to launch unaccounted production from illegally written-off raw materials.

Prices and contract work

Kickback schemes use the following techniques:

  • purchase of materials at inflated prices to the detriment of their own enterprise;
  • understatement of prices for the execution of individual orders for individual clients;
  • the use of an exclusive system of discounts, which is available only to select customers;
  • deliberate distortion of prices by demonstrating inflated price tags when conducting sales at regular cost in the accounting department.

The main methods of fraud in working with contractors are misstating in the documentation the consumption of raw materials or the areas of the serviced facilities, imposing unnecessary additional services, and writing off expensive materials when their cheap counterparts are actually used.

Detection and investigation of offenses

Signs that fraudulent schemes are operating in the enterprise include:

  • an unusual procedure for filling out documentation, or requests to sign blank forms or affix stamps to them;
  • refusal to take vacations or to hand work over to colleagues;
  • an abundance of profitable contracts concluded by one person in a short period of time;
  • a large number of income inquiries about one employee from the courts and the FSSP (Federal Bailiff Service);
  • adjustments to the reporting made directly by the director without coordination with the accounting department;
  • regular appearance of shortages;
  • complaints and suspicions voiced by members of the company's team;
  • excessively close contacts between a manager and suppliers;
  • a high level of management staff turnover;
  • frequent changes of job by a specialist.

If there is any suspicion that corporate fraud is taking place, the manager should take steps to collect evidence so that charges can be brought against specific individuals. The best way is to initiate an audit, which will reveal inconsistencies and violations in warehouse, production and accounting records.

If an auditor cannot be brought into the investigation, the information about the violation should be systematized:

  • what assets were stolen;
  • which employees or board members could have an interest in carrying out the fictitious transaction;
  • who has free access to the missing objects;
  • how the stolen goods were concealed and which distribution channels were used;
  • whether staff, when interviewed, report threats or pressure to assist the perpetrators.

Countering corporate fraud

Preventing fraud within the enterprise should focus on strengthening control over the work of personnel. To this end, a system of dual control is introduced, along with additional checks on officials who hold broad powers. Systematic independent expert audits will minimize the risks of financial fraud and fictitious transactions with materials.

It is recommended to create a security service and, if necessary, to introduce access control for all visitors and employees. If a violation of labor discipline is found, the leader must show resolve and punish those responsible. To motivate impeccable work, create the most comfortable working conditions possible and offer employees decent wages.

Examples of

Examples of intra-enterprise fraud:

  1. The employee responsible for concluding transactions with customers, on the eve of signing the contract, passes information about the subject of the agreement, the amount of the contract and the proposed conditions to a competing firm, which wins the client away at the last moment. The employee receives a percentage of the competitor's contract value.
  2. A metalworking machine was sold and documented as scrap metal. It was then cleaned, oiled and painted, new technical documentation was issued for it, and it was sold back to the manufacturing plant at a 60% mark-up.
  3. Increasing the wage bill while carrying out staff reductions.
  4. Inclusion of "dead souls" in the statements for the payment of funds.
  5. Organization of the purchase of a consignment of goods at prices higher than market prices.